CVE-2025-31359

High CVSS: 8.8

A directory traversal vulnerability exists in the PVMP package unpacking functionality of Parallels Desktop for Mac version 20.2.2 (55879). This vulnerability can be exploited by an attacker to write to arbitrary files, potentially leading to privilege escalation.

Vendor

Parallels

Product

Parallels Desktop

CWE

CWE-22

Yayın Tarihi

2025-06-03 10:15:22

Güncelleme

2025-07-02 14:47:25

Source Identifier

talos-cna@cisco.com

KEV Date Added

Kategoriler

CWE-22 Parallels Desktop HIGH Parallels 2025

Referanslar

https://talosintelligence.com/vulnerability_reports/TALOS-2025-2160 https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2160 https://talosintelligence.com/vulnerability_reports/TALOS-2025-2160

Benzer Kayıtlar

High

CVE-2024-54189

A privilege escalation vulnerability exists in the Snapshot functionality of Parallels Desktop for Mac version 20.1.1 (b…

High

CVE-2024-52561

A privilege escalation vulnerability exists in the Snapshot functionality of Parallels Desktop for Mac version 20.1.1 (b…

High

CVE-2024-36486

A privilege escalation vulnerability exists in the virtual machine archive restoration functionality of Parallels Deskto…

High

CVE-2025-0413

Parallels Desktop Technical Data Reporter Link Following Local Privilege Escalation Vulnerability. This vulnerability a…