Parallels Desktop vulnerabilities
69 known vulnerabilities affecting parallels/desktop.
Total CVEs
69
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH45MEDIUM23LOW1
Vulnerabilities
Page 1 of 4
CVE-2021-31424P3HIGHCVSS 8.8v15.1.5-473092021-04-29
CVE-2021-31424 [HIGH] CWE-122 CVE-2021-31424: This vulnerability allows local attackers to escalate privileges on affected installations of Parall
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.5-47309. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Open Tools Gate component. The issue results from t
nvd
CVE-2021-31420P3HIGHCVSS 8.8v16.1.0-489502021-04-29
CVE-2021-31420 [HIGH] CWE-121 CVE-2021-31420: This vulnerability allows local attackers to escalate privileges on affected installations of Parall
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.0-48950. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack
nvd
CVE-2021-31425P3HIGHCVSS 8.8v16.1.2-491512021-04-29
CVE-2021-31425 [HIGH] CWE-190 CVE-2021-31425: This vulnerability allows local attackers to escalate privileges on affected installations of Parall
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.2-49151. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Parallels Tools component. The issue results from t
nvd
CVE-2021-31426P3HIGHCVSS 8.8v16.1.2-491512021-04-29
CVE-2021-31426 [HIGH] CWE-190 CVE-2021-31426: This vulnerability allows local attackers to escalate privileges on affected installations of Parall
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.2-49151. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the Parallels Tools component. The issue results from the lac
nvd
CVE-2021-34868P3HIGHCVSS 8.8v16.1.3-491602022-01-25
CVE-2021-34868 [HIGH] CWE-789 CVE-2021-34868: This vulnerability allows local attackers to escalate privileges on affected installations of Parall
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3-49160. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack
nvd
CVE-2021-34869P3HIGHCVSS 8.8v16.1.3-491602022-01-25
CVE-2021-34869 [HIGH] CWE-789 CVE-2021-34869: This vulnerability allows local attackers to escalate privileges on affected installations of Parall
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3-49160. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack
nvd
CVE-2020-17399P3HIGHCVSS 8.8v15.1.42020-08-25
CVE-2020-17399 [HIGH] CWE-129 CVE-2020-17399: This vulnerability allows local attackers to escalate privileges on affected installations of Parall
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the prl_hypervisor kext. The issue results from the lack of proper
nvd
CVE-2020-17396P3HIGHCVSS 8.8v15.1.42020-08-25
CVE-2020-17396 [HIGH] CWE-190 CVE-2020-17396: This vulnerability allows local attackers to escalate privileges on affected installations of Parall
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the prl_hypervisor module. The issue results from the lack of prope
nvd
CVE-2020-17392P3HIGHCVSS 8.8v15.1.3-472552020-08-25
CVE-2020-17392 [HIGH] CWE-822 CVE-2020-17392: This vulnerability allows local attackers to escalate privileges on affected installations of Parall
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.3-47255. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handler for HOST_IOCTL_SET_KERNEL_SYMBOLS in the prl_hype
nvd
CVE-2020-17400P3HIGHCVSS 8.8v15.1.42020-08-25
CVE-2020-17400 [HIGH] CWE-129 CVE-2020-17400: This vulnerability allows local attackers to escalate privileges on affected installations of Parall
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.4. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the prl_hypervisor kext. The issue results from the lack of proper
nvd
CVE-2020-17390P3HIGHCVSS 8.8v15.1.2-471232020-08-25
CVE-2020-17390 [HIGH] CWE-125 CVE-2020-17390: This vulnerability allows local attackers to escalate privileges on affected installations of Parall
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.2-47123. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the hypervisor kernel extension. The issue results from the l
nvd
CVE-2022-34890P3HIGHCVSS 8.8v17.1.1 (51537)2022-07-18
CVE-2022-34890 [HIGH] CWE-822 CVE-2022-34890: This vulnerability allows local attackers to disclose sensitive information on affected installation
This vulnerability allows local attackers to disclose sensitive information on affected installations of Parallels Desktop 17.1.1 (51537). An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Parallels Tools component. The issue r
nvd
CVE-2021-27243P3HIGHCVSS 8.8v16.0.1-489192021-03-29
CVE-2021-27243 [HIGH] CWE-190 CVE-2021-27243: This vulnerability allows local attackers to escalate privileges on affected installations of Parall
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.0.1-48919. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack
nvd
CVE-2021-34856P3HIGHCVSS 8.8v16.1.3 (49160)2021-10-25
CVE-2021-34856 [HIGH] CWE-119 CVE-2021-34856: This vulnerability allows local attackers to escalate privileges on affected installations of Parall
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3 (49160). An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the virtio-gpu virtual device. The issue results fro
nvd
CVE-2021-34864P3HIGHCVSS 8.8v16.1.3 (49160)2021-10-25
CVE-2021-34864 [HIGH] CWE-284 CVE-2021-34864: This vulnerability allows local attackers to escalate privileges on affected installations of Parall
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3 (49160). An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the WinAppHelper component. The issue results from th
nvd
CVE-2020-8875P3HIGHCVSS 8.8v15.1.2-471232020-03-23
CVE-2020-8875 [HIGH] CWE-129 CVE-2020-8875: This vulnerability allows local attackers to escalate privileges on affected installations of Parall
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 15.1.2-47123. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the IOCTL handler. The issue results from the lack of proper va
nvd
CVE-2021-27242P3HIGHCVSS 8.8v16.0.1-489192021-03-29
CVE-2021-27242 [HIGH] CWE-787 CVE-2021-27242: This vulnerability allows local attackers to escalate privileges on affected installations of Parall
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.0.1-48919. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack
nvd
CVE-2021-34857P3HIGHCVSS 8.8v16.1.3 (49160)2021-10-25
CVE-2021-34857 [HIGH] CWE-787 CVE-2021-34857: This vulnerability allows local attackers to escalate privileges on affected installations of Parall
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3 (49160). An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the l
nvd
CVE-2023-50227P3HIGHCVSS 8.3v18.3.2 (53621)2024-05-03
CVE-2023-50227 [HIGH] CWE-787 CVE-2023-50227: Parallels Desktop virtio-gpu Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerabi
Parallels Desktop virtio-gpu Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Parallels Desktop. User interaction is required to exploit this vulnerability in that the target in a guest system must visit a malicious page or open a malicious file.
nvd
CVE-2025-0413P3HIGHCVSS 7.8v19.4.1 (54985)2025-02-05
CVE-2025-0413 [HIGH] CWE-59 CVE-2025-0413: Parallels Desktop Technical Data Reporter Link Following Local Privilege Escalation Vulnerability.
Parallels Desktop Technical Data Reporter Link Following Local Privilege Escalation Vulnerability.
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute low-privileged code on the target host system in order to exploit this vulnerability.
The sp
nvd
1 / 4Next →