Parallels Desktop Updater Improper Verification of Cryptographic Signature Local Privilege Escalation Vulnerability
CVE-2023-50228
7.8HIGH
What is CVE-2023-50228?
A vulnerability exists within the Updater service of Parallels Desktop, allowing local attackers to escalate privileges. This significant flaw stems from inadequate verification of cryptographic signatures. Attackers able to execute low-privileged code on a target system can exploit this weakness to gain elevated privileges, potentially allowing them to execute arbitrary code with root-level access. This vulnerability poses a serious risk to users of the affected software versions.
Affected Version(s)
Desktop 18.3.2 (53621)