Privilege Escalation Vulnerability in Parallels Desktop for Mac
CVE-2024-52561
7.8HIGH
What is CVE-2024-52561?
A vulnerability exists in the Snapshot functionality of Parallels Desktop for Mac which allows an attacker to exploit symlinks when deleting virtual machine snapshots. This can lead to the unauthorized modification of file ownership, enabling lower-privilege users to gain elevated access to sensitive files normally restricted to root. Proper safeguards are essential to mitigate the risks associated with this vulnerability.
Affected Version(s)
Parallels Desktop for Mac version 20.1.1 (55740)