exploitDog

CVE-2025-31359

Опубликовано: 03 июн. 2025

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

A directory traversal vulnerability exists in the PVMP package unpacking functionality of Parallels Desktop for Mac version 20.2.2 (55879). This vulnerability can be exploited by an attacker to write to arbitrary files, potentially leading to privilege escalation.

Ссылки

https://talosintelligence.com/vulnerability_reports/TALOS-2025-2160
Exploit
Third Party Advisory
https://www.talosintelligence.com/vulnerability_reports/TALOS-2025-2160
Exploit
Third Party Advisory
https://talosintelligence.com/vulnerability_reports/TALOS-2025-2160
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:parallels:parallels_desktop:20.2.2_\(55879\):*:*:*:*:macos:*:*

EPSS

Процентиль: 34%

0.00141

Низкий

8.8 High

CVSS3

Дефекты

CWE-22

Связанные уязвимости

GHSA-97j7-rmfc-jv53

CVSS3: 8.8

github

8 месяцев назад

A directory traversal vulnerability exists in the PVMP package unpacking functionality of Parallels Desktop for Mac version 20.2.2 (55879). This vulnerability can be exploited by an attacker to write to arbitrary files, potentially leading to privilege escalation.

EPSS

Процентиль: 34%

0.00141

Низкий

8.8 High

CVSS3

Дефекты

CWE-22