CVE-2023-27327

HIGH

Parallels Desktop < 18.1.1_\(53328\) - TOCTOU Race Condition

Title source: rule

Description

Parallels Desktop Toolgate Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the current user on the host system. Was ZDI-CAN-18964.

Exploits (1)

nomisec WORKING POC 14 stars

by kn32 · poc

https://github.com/kn32/parallels-plist-escape

View Code ZIP pw:eip

References (2)

Core 2

Core References

Third Party Advisory x_research-advisory

https://www.zerodayinitiative.com/advisories/ZDI-23-215/

Vendor Advisory vendor-advisory

https://kb.parallels.com/125013

Scores

CVSS v3 7.5

EPSS 0.0007

EPSS Percentile 20.2%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-367

Status published

Products (1)

parallels/parallels_desktop < 18.1.1_\(53328\)

Published May 03, 2024

Tracked Since Feb 18, 2026