Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A privilege escalation vulnerability exists in the virtual machine archive restoration functionality of Parallels Desktop for Mac version 20.1.1 (55740). When an archived virtual machine is restored, the prl_vmarchiver tool decompresses the file and writes the content back to its original location using root privileges. An attacker can exploit this process by using a hard link to write to an arbitrary file, potentially resulting in privilege escalation.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
UNIX硬链接
Vulnerability Title
Parallels Desktop 安全漏洞
Vulnerability Description
Parallels Desktop是美国Parallels公司的一套适用于macOS平台的虚拟机软件。 Parallels Desktop for Mac 20.1.1版本存在安全漏洞,该漏洞源于虚拟机归档恢复功能存在硬链接问题,可能导致权限提升。
CVSS Information
N/A
Vulnerability Type
N/A