- Description
- A directory traversal vulnerability exists in the PVMP package unpacking functionality of Parallels Desktop for Mac version 20.2.2 (55879). This vulnerability can be exploited by an attacker to write to arbitrary files, potentially leading to privilege escalation.
- Source
- talos-cna@cisco.com
- NVD status
- Analyzed
CVSS 3.1
- Type
- Secondary
- Base score
- 8.8
- Impact score
- 6
- Exploitability score
- 2
- Vector string
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
- Severity
- HIGH
- talos-cna@cisco.com
- CWE-22
- Hype score
- Not currently trending
[CVE-2025-31359: HIGH] Directory traversal vulnerability in Parallels Desktop for Mac v20.2.2 (55879) allows attackers to write to arbitrary files, posing a privilege escalation risk. #CyberSecurity#cve,CVE-2025-31359,#cybersecurity https://t.co/Dt5JsjgHii https://t.co/BhD85k7Kfh
@CveFindCom
3 Jun 2025
65 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-31359 A directory traversal vulnerability exists in the PVMP package unpacking functionality of Parallels Desktop for Mac version 20.2.2 (55879). This vulnerability can be … https://t.co/ya0NO1lG0L
@CVEnew
3 Jun 2025
504 Impressions
1 Retweet
2 Likes
0 Bookmarks
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:parallels:parallels_desktop:20.2.2_\\(55879\\):*:*:*:*:macos:*:*",
"vulnerable": true,
"matchCriteriaId": "C37E9DDE-6C53-4746-BABC-8F0E01C9653C"
}
],
"operator": "OR"
}
]
}
]