First published: Mon Mar 23 2020(Updated: )
Credit: zdi-disclosures@trendmicro.com
Affected Software | Affected Version | How to fix |
---|---|---|
Parallels Desktop | ||
Parallels Desktop | <15.1.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2020-8872.
The title of the vulnerability is Parallels Desktop xHCI Out-Of-Bounds Read Information Disclosure Vulnerability.
The severity of CVE-2020-8872 is medium.
Parallels Desktop versions up to and including 15.1.3 on macOS are affected by CVE-2020-8872.
In order to exploit CVE-2020-8872, an attacker must first obtain the ability to execute high-privileged code on the target guest system.