Privilege Escalation via Code Signature Bypass in Parallels Desktop for Mac
CVE-2024-34331

Currently unrated

Key Information:

Vendor

Parallels

Vendor
CVE Published:
23 September 2024

Badges

📈 Score: 468👾 Exploit Exists📰 News Worthy

What is CVE-2024-34331?

CVE-2024-34331 is a vulnerability found in Parallels Desktop for Mac, specifically affecting versions 19.3.0 and earlier. Parallels Desktop is a popular application that enables users to run Windows and other operating systems on Mac machines. This vulnerability involves a significant flaw in code signature verification that allows attackers to exploit a crafted macOS installer to escalate privileges, given that the Parallels Service is executed with root privileges. If exploited, this vulnerability could severely compromise the integrity and security of the affected systems within an organization.

Technical Details

The core of CVE-2024-34331 lies in the lack of sufficient code signature validation within the affected versions of Parallels Desktop. The vulnerability stems from the improper handling of code signatures when installing applications or packages on macOS. With Parallels Service being setuid root, this allows an attacker to gain elevated privileges, potentially enabling complete control over the system without appropriate authorization.

Potential Impact of CVE-2024-34331

  1. Unauthorized Access: Attackers can gain unauthorized administrative rights on affected devices, allowing them to manipulate system settings, install malicious software, or access sensitive information.

  2. System Compromise: The ability to escalate privileges significantly increases the risk of system compromise, where attackers can execute unauthorized code, potentially leading to further exploitation of the network or connected devices.

  3. Data Breach Risks: With elevated privileges, attackers may access confidential data and potentially exfiltrate sensitive information, leading to data breaches that can have severe legal and reputational consequences for organizations affected.

News Articles

Zero-Day Bug Pops Up in Parallels Desktop for Mac

A patch bypass for a bug in the popular desktop emulator enables root-level privilege escalation and has no fix in sight.

favicon imageBleepingComputer

Exploits for unpatched Parallels Desktop flaw give root on Macs

Two different exploits for an unpatched Parallels Desktop privilege elevation vulnerability have been publicly disclosed, allowing users to gain root access on impacted Mac devices.

favicon imageCybersecurityNews

Parallels Desktop 0-Day Vulnerability Gain Root Privileges - PoC Released

A critical 0-day vulnerability in Parallels Desktop virtualization software has been publicly disclosed, enabling local attackers to escalate privileges.

References

https://kb.parallels.com/129860
https://khronokernel.com/macos/2024/05/30/CVE-2024-34331....

Timeline

  • 👾

    Exploit known to exist

  • Vulnerability published

  • 📰

    First article discovered by CyberDefence24

.