CVE-2023-27327

EIP tracks 1 public exploit for CVE-2023-27327. PoCs published by kn32.

AI-analyzed exploit summary This repository contains functional exploit code for CVE-2023-27327 and CVE-2023-27328, which can be chained to escape a Parallels Desktop VM. The exploits involve a race condition to write arbitrary files on the host and plist injection to achieve code execution.

Parallels Desktop Toolgate Time-Of-Check Time-Of-Use Local Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the current user on the host system. Was ZDI-CAN-18964.