CVE-2023-27325
published 2024-05-03CVE-2023-27325: Parallels Desktop Updater Improper Initialization Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on…
PriorityP344high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
EPSS
0.36%
28.2th percentile
Parallels Desktop Updater Improper Initialization Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability.
The specific flaw exists within the Updater service. The issue results from the lack of proper initialization of environment variables. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of root.
. Was ZDI-CAN-18253.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| parallels | desktop | — | — |
| parallels | parallels_desktop | < 18.1.0_\(53311\) | 18.1.0_\(53311\) |
CVSS provenance
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv3.07.8HIGHCVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
Trendmicro
Vulnerabilities in Parallels Desktop and CDPATH
blogs_trendmicro·2023-04-06
Vulnerabilities in Parallels Desktop and CDPATH
## Bash Privileged-Mode Vulnerabilities in Parallels Desktop and CDPATH Handling in MacOS
Learn about bash privileged mode vulnerabilities in parallels desktop and cdpath-handling in macos.
By: Zero Day Initiative 2023/04/06 Read time: ( words)
Save to Folio
In the last few years, we have seen multiple vulnerabilities in Parallels Desktop leading to virtual machine escapes. Interested readers can check our previous blog posts about vulnerabilities across interfaces such as RDPMC hypercalls , the Parallels ToolGate, and the VGA virtual device . This post explores another set of issues we received last year - local privilege escalations through setuid root binaries.
Parallels Desktop has a couple of setuid binaries: prl_update_helper and Parallels Service. Both binaries run with root pr
Trendmicro
Vulnerabilities in Parallels Desktop and CDPATH
blogs_trendmicro·2023-04-06
Vulnerabilities in Parallels Desktop and CDPATH
## Bash Privileged-Mode Vulnerabilities in Parallels Desktop and CDPATH Handling in MacOS
Learn about bash privileged mode vulnerabilities in parallels desktop and cdpath-handling in macos.
By: Zero Day Initiative Apr 06, 2023 Read time: ( words)
Save to Folio
In the last few years, we have seen multiple vulnerabilities in Parallels Desktop leading to virtual machine escapes. Interested readers can check our previous blog posts about vulnerabilities across interfaces such as RDPMC hypercalls , the Parallels ToolGate, and the VGA virtual device . This post explores another set of issues we received last year - local privilege escalations through setuid root binaries.
Parallels Desktop has a couple of setuid binaries: prl_update_helper and Parallels Service. Both binaries run with root
Trendmicro
Vulnerabilities in Parallels Desktop and CDPATH
blogs_trendmicro·2023-04-06
Vulnerabilities in Parallels Desktop and CDPATH
# Bash Privileged-Mode Vulnerabilities in Parallels Desktop and CDPATH Handling in MacOS
Learn about bash privileged mode vulnerabilities in parallels desktop and cdpath-handling in macos.
By: Zero Day Initiative
2023/04/06
Read time: ( words)
Save to Folio
In the last few years, we have seen multiple vulnerabilities in Parallels Desktop leading to virtual machine escapes. Interested readers can check our previous blog posts about vulnerabilities across interfaces such as RDPMC hypercalls, the Parallels ToolGate, and the VGA virtual device. This post explores another set of issues we received last year - local privilege escalations through setuid root binaries.
Parallels Desktop has a couple of setuid binaries: prl_update_helper and Parallels Service. Both binaries run with root priv
2024-05-03
Published