VYPR

Parallels Tools

by Parallels

CVEs (2)

  • CVE-2021-31426HigApr 29, 2021
    risk 0.57cvss 8.8epss 0.00

    This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.2-49151. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw…

  • CVE-2020-7213HigJan 21, 2020
    risk 0.49cvss 7.5epss 0.01

    Parallels 13 uses cleartext HTTP as part of the update process, allowing man-in-the-middle attacks. Users of out-of-date versions are presented with a pop-up window for a parallels_updates.xml file on the http://update.parallels.com web site.