CVE-2021-27278 – This vulnerability allows local attackers to escalate privileges on affected installations …

22 April 2021

Vuln ID: CVE-2021-27278

Published: 2021-04-22 18:15:08Z

Description: This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.1-49141. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to escalate privileges and execute code in the context of the current user on the host system. Was ZDI-CAN-12130.

Source: NVD.NIST.GOV

Date:

22 April 2021

Categorie(s):

NVD

Tag(s):

NVD

What’s new in security for Ubuntu 24.04 LTS?24 April 2024
Ransomware Victims Who Opt To Pay Ransom Hits Record Low24 April 2024
IBM Nearing Talks to Acquire Cloud-software Provider HashiCorp24 April 2024
North Korean Hackers Target Dozens of Defense Companies24 April 2024
eScan Antivirus Update Mechanism Exploited to Spread Backdoors and Miners24 April 2024