CVE-2024-52561 – Parallels Desktop for Mac Privilege Escalation Vulnerability

June 3, 2025

CVE ID : CVE-2024-52561

Published : June 3, 2025, 10:15 a.m. | 1 hour, 13 minutes ago

Description : A privilege escalation vulnerability exists in the Snapshot functionality of Parallels Desktop for Mac version 20.1.1 (build 55740). When a snapshot of a virtual machine is deleted, a root service verifies and modifies the ownership of the snapshot files. By using a symlink, an attacker can change the ownership of files owned by root to a lower-privilege user, potentially leading to privilege escalation.

Severity: 7.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-31359 – Parallels Desktop Directory Traversal Vulnerability

Next Article CVE-2024-36486 – Parallels Desktop for Mac Privilege Escalation Vulnerability

CodeSOD: A Unique Way to Primary Key

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Parasoft brings agentic AI to service virtualization in latest release

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

The best CRM software with email marketing in 2025: Expert tested and reviewed

This multi-port car charger can power 4 gadgets at once – and it’s surprisingly cheap

I’m a wearables editor and here are the 7 Pixel Watch 4 rumors I’m most curious about

8 ways I quickly leveled up my Linux skills – and you can too

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

Zero Trust & Cybersecurity Mesh: Your Org’s Survival Guide

Execute Ping Commands and Get Back Structured Data in PHP

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

“I don’t think I changed his mind” — NVIDIA CEO comments on H20 AI GPU sales resuming in China following a meeting with President Trump

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

CVE-2024-52561 – Parallels Desktop for Mac Privilege Escalation Vulnerability

CVE-2025-44658 – Netgear RAX30 PHP-FPM Misconfigured Extension Bypass Vulnerability

CVE-2025-7393 – Drupal Mail Login Authentication Bypass

Fallout 76 just added fishing—and you can now catch radioactive trout with your friends

Rilasciata Fedora Asahi Remix 42: la distribuzione GNU/Linux ottimizzata per Mac con chip Apple Silicon

This Xbox controller anti-Prime Day discount is truly a standout — and “audio features sweeten the deal”

Usermode FTP Server – access your files from another device

JetBrains open sources its code completion LLM, Mellum

CVE-2025-44148 – MailEnable Cross Site Scripting (XSS)

Gears of War: E-Day is coming in 2026, as Phil Spencer shares an update during Xbox Games Showcase 2025

CVE-2025-49701 – Microsoft Office SharePoint Cross-Site Scripting (XSS)

CVE-2024-52561 – Parallels Desktop for Mac Privilege Escalation Vulnerability

Related Posts