CVE-2024-52561 – Parallels Desktop for Mac Privilege Escalation Vulnerability

June 3, 2025

CVE ID : CVE-2024-52561

Published : June 3, 2025, 10:15 a.m. | 1 hour, 13 minutes ago

Description : A privilege escalation vulnerability exists in the Snapshot functionality of Parallels Desktop for Mac version 20.1.1 (build 55740). When a snapshot of a virtual machine is deleted, a root service verifies and modifies the ownership of the snapshot files. By using a symlink, an attacker can change the ownership of files owned by root to a lower-privilege user, potentially leading to privilege escalation.

Severity: 7.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-31359 – Parallels Desktop Directory Traversal Vulnerability

Next Article CVE-2024-36486 – Parallels Desktop for Mac Privilege Escalation Vulnerability

Designing For TV: Principles, Patterns And Practical Guidance (Part 2)

Neo4j introduces new graph architecture that allows operational and analytics workloads to be run together

Beyond the benchmarks: Understanding the coding personalities of different LLMs

Top 10 Use Cases of Vibe Coding in Large-Scale Node.js Applications

Building smarter interactions with MCP elicitation: From clunky tool calls to seamless user experiences

From Zero to MCP: Simplifying AI Integrations with xmcp

Distribution Release: Linux Mint 22.2

Coded Smorgasbord: Basically, a Smorgasbord

Drupal 11’s AI Features: What They Actually Mean for Your Team

Drupal 11’s AI Features: What They Actually Mean for Your Team

Why Data Governance Matters More Than Ever in 2025?

Perficient Included in the IDC Market Glance for Digital Business Professional Services, 3Q25

How DevOps Teams Are Redefining Reliability with NixOS and OSTree-Powered Linux

How DevOps Teams Are Redefining Reliability with NixOS and OSTree-Powered Linux

Distribution Release: Linux Mint 22.2

‘Cronos: The New Dawn’ was by far my favorite experience at Gamescom 2025 — Bloober might have cooked an Xbox / PC horror masterpiece

CVE-2024-52561 – Parallels Desktop for Mac Privilege Escalation Vulnerability

Critical Linux UDisks Daemon Vulnerability (CVE-2025-8067) Exposes Privileged Data to Local Attackers

Google Slapped with $381 Million Fine in France Over Gmail Ads, Cookie Consent Missteps

Cisco Issues Urgent Patch for Critical Unified CM Vulnerability (CVE-2025-20309)

CVE-2025-54731 – YouTube Showcase Object Injection Vulnerability

Train Your Own LLM

CVE-2025-5851 – Tenda AC15 HTTP POST Request Handler Buffer Overflow Vulnerability

From The Editor’s Desk — new Windows Central community features, we’d like to hear from you!

Innovate business logic by implementing return of control in Amazon Bedrock Agents

CVE-2009-20008 – Green Dam Youth Escort Stack-Based Buffer Overflow Vulnerability

CVE-2025-33071 – Windows KDC Proxy Service KPSSVC Use-After-Free Remote Code Execution Vulnerability

CVE-2024-52561 – Parallels Desktop for Mac Privilege Escalation Vulnerability

Related Posts