CVE-2024-52561
CVE-2024-52561
In short
Parallels Desktop for Mac allows attackers to escalate privileges by exploiting a flaw in how snapshot files are deleted. When snapshots are removed, an attacker can use a symlink trick to change ownership of root-owned files to their user account, gaining higher privileges.
Technical detail
A privilege escalation vulnerability exists in Parallels Desktop 20.1.1 (build 55740) where the root service performing ownership modifications on snapshot deletion can be abused via symlink substitution (CWE-708). An attacker with local user access can redirect file operations to arbitrary paths, changing ownership of privileged files to lower-privilege accounts and achieving privilege escalation.
Summary generated and translated by AI from the official description.
A privilege escalation vulnerability exists in the Snapshot functionality of Parallels Desktop for Mac version 20.1.1 (build 55740). When a snapshot of a virtual machine is deleted, a root service verifies and modifies the ownership of the snapshot files. By using a symlink, an attacker can change the ownership of files owned by root to a lower-privilege user, potentially leading to privilege escalation.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Affected products
Parallels · Parallels Desktop for MacWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →