Parallels Desktop Service Improper Initialization Local Privilege Escalation Vulnerability
CVE-2023-27322
7.8HIGH
What is CVE-2023-27322?
The vulnerability in Parallels Desktop resides within the Parallels Service and stems from inadequate initialization of environment variables. This issue potentially allows local attackers who have previously executed low-privileged code on the system to escalate their privileges. Upon exploitation, the attacker could gain the ability to run arbitrary code with elevated permissions, posing a significant security risk to affected installations.
Affected Version(s)
Desktop 17.1.4 (51567)