Primary

Context

Alludo Parallels Desktop Privilege Escalation Vulnerability on Intel Macs

Vulnerability

Patched

A privilege escalation vulnerability allowing users to gain root access has been identified in Alludo Parallels Desktop versions prior to 19.4.2 and in the 20.x series prior to 20.2.2. This vulnerability affects macOS on Intel platforms and arises during the virtual machine creation process.

Impact

Exploitation of this vulnerability allows a user with access to the Mac, but without root privileges, to gain root access by manipulating the Parallels Desktop virtual machine creation routine.

Remediation

Users are advised to update Parallels Desktop to version 20.2.2 or 19.4.2. Instructions for updating can be found in the Parallels Desktop application under 'Check for updates'.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

6.6

impact

7.5

exploitability

3.3

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.6

impact

7.5

exploitability

3.3

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Alludo Parallels Desktop Privilege Escalation Vulnerability on Intel Macs

Vulnerability

Impact

Remediation

Affected Products

Alludo Parallels Desktop

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating