CVE-2024-36486 | THREATINT

Description

A privilege escalation vulnerability exists in the virtual machine archive restoration functionality of Parallels Desktop for Mac version 20.1.1 (55740). When an archived virtual machine is restored, the prl_vmarchiver tool decompresses the file and writes the content back to its original location using root privileges. An attacker can exploit this process by using a hard link to write to an arbitrary file, potentially resulting in privilege escalation.

PUBLISHED Reserved 2024-12-09 | Published 2025-06-03 | Updated 2025-06-03 | Assigner talos

HIGH: 7.8CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Problem types

CWE-62: UNIX Hard Link

Product status

version 20.1.1 (55740)

affected

Credits

Discovered by KPC of Cisco Talos.

References

www.talosintelligence.com/...ability_reports/TALOS-2024-2126

talosintelligence.com/vulnerability_reports/TALOS-2024-2126 exploit

talosintelligence.com/vulnerability_reports/TALOS-2024-2126

cve.org (CVE-2024-36486)

nvd.nist.gov (CVE-2024-36486)

Download JSON