Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A privilege escalation vulnerability exists in the Snapshot functionality of Parallels Desktop for Mac version 20.1.1 (build 55740). When a snapshot of a virtual machine is deleted, a root service verifies and modifies the ownership of the snapshot files. By using a symlink, an attacker can change the ownership of files owned by root to a lower-privilege user, potentially leading to privilege escalation.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
不正确的属主授予
Vulnerability Title
Parallels Desktop 安全漏洞
Vulnerability Description
Parallels Desktop是美国Parallels公司的一套适用于macOS平台的虚拟机软件。 Parallels Desktop for Mac 20.1.1版本存在安全漏洞,该漏洞源于快照功能存在符号链接问题,可能导致权限提升。
CVSS Information
N/A
Vulnerability Type
N/A