Privilege Escalation in Parallels Desktop by Parallels
CVE-2022-34892
7.8HIGH
What is CVE-2022-34892?
This vulnerability allows local attackers to escalate privileges in Parallels Desktop installations by exploiting a flaw in the update mechanism. The issue arises from improper locking during operations on an object, enabling an attacker who has already gained low-level access to execute arbitrary code with elevated privileges, potentially obtaining root access.
Affected Version(s)
Desktop Parallels Desktop 17.1.1