CVE-2023-45894

2023-12-1400:00:00

mitre

www.cve.org

parallels ras

remote application server

security vulnerability

remote code execution

kiosk breakout

AI Score

9.9

Confidence

High

EPSS

0.002

Percentile

59.2%

JSON

The Remote Application Server in Parallels RAS before 19.2.23975 does not segment virtualized applications from the server, which allows a remote attacker to achieve remote code execution via standard kiosk breakout techniques.

References

github.com/Oracle-Security/CVEs/blob/main/Parallels%20Remote%20Server/readme.md