Lucene search
K
ParallelsParallels Access

4 matches found

CVE
CVE
added 2022/07/18 2:17 p.m.72 views

CVE-2022-34900

CVE-2022-34900 affects Parallels Access Agent 6.5.3 (39313). The Dispatcher service loads an OpenSSL configuration file from an unsecured location, enabling a local attacker who can run low-privileged code to escalate to SYSTEM and execute arbitrary code. Documented by ZDI-22-945 (and related fee...

7.8CVSS7.8AI score0.00396EPSS
CVE
CVE
added 2022/07/18 2:17 p.m.70 views

CVE-2022-34901

CVE-2022-34901 affects Parallels Access Agent 6.5.4 (39316). The flaw resides in the Parallels Service, which executes files from an unsecured location, enabling a local attacker who can run low-privileged code to escalate to root and execute arbitrary code. The vulnerability is labeled as a loca...

7.8CVSS7.8AI score0.00322EPSS
CVE
CVE
added 2022/07/18 2:17 p.m.66 views

CVE-2022-34899

CVE-2022-34899 affects Parallels Access 6.5.4 (39316) Agent. A local attacker who can run low-privilege code can abuse a flaw in the Parallels service by using symbolic links to escalate privileges and execute arbitrary code as root. Root-level impact is stated; the flaw is tied to a local privil...

7.8CVSS7.8AI score0.00224EPSS
CVE
CVE
added 2022/07/18 2:17 p.m.65 views

CVE-2022-34902

Parallels Access 6.5.4 Agent is affected by CVE-2022-34902. The Desktop Control Agent loads Qt plugins from an unsecured location, enabling a local attacker who can run low-privilege code to escalate to SYSTEM and execute arbitrary code. This is a local privilege escalation via an uncontrolled se...

7.8CVSS7.8AI score0.00322EPSS