Local Privilege Escalation Vulnerability in Parallels Access by Parallels
CVE-2022-34902
7.8HIGH
What is CVE-2022-34902?
This vulnerability in Parallels Access 6.5.4 allows local attackers to escalate privileges by exploiting a flaw in the Desktop Control Agent service. The service improperly loads Qt plugins from an unsecured location, which can be leveraged to execute arbitrary code with elevated permissions. To exploit this vulnerability, an attacker must have access to execute low-privileged code on the system, making it essential to secure the environment against unauthorized code execution.
Affected Version(s)
Access 6.5.4 (39316)