CVE-2024-54189 – Parallels Desktop for Mac Root Privilege Escalation

CVE ID : CVE-2024-54189

Published : June 3, 2025, 10:15 a.m. | 2 hours, 14 minutes ago

Description : A privilege escalation vulnerability exists in the Snapshot functionality of Parallels Desktop for Mac version 20.1.1 (build 55740). When a snapshot of a virtual machine is taken, a root service writes to a file owned by a normal user. By using a hard link, an attacker can write to an arbitrary file, potentially leading to privilege escalation.

Severity: 7.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…