Parallels Desktop 0-Day Exploit Enables Root Privileges – PoC Released


A critical zero-day vulnerability in Parallels Desktop virtualization software has been publicly disclosed roughly seven months after it was first reported, with no fix shipped in that time. It lets a local attacker escalate privileges to root on macOS systems running the software.

The proof-of-concept (PoC) exploit code demonstrates two distinct methods for bypassing the patch Parallels shipped for CVE-2024-34331, a previously addressed privilege escalation flaw in the same component.

Technical Overview of the Vulnerability

Bypassing Parallels Desktop Patch Verification

CVE-2024-34331 concerned Parallels' repackaging of macOS installer applications, a step performed with root privileges that executes the createinstallmedia tool shipped inside the user-supplied installer bundle, and the inadequate signature verification of that tool before it was run.

Parallels' initial fix required the binary to carry an Apple signature before the privileged service would execute it. The newly disclosed bypasses exploit two weaknesses in that verification logic:

1. TOCTOU (Time-of-Check to Time-of-Use) Race Condition
The signature is verified on a file that sits in a directory the attacker controls, and the same path is executed afterwards. An attacker replaces the verified createinstallmedia binary with a malicious payload in the brief interval between signature validation and execution, so the file that was checked is not the file that runs as root.

The exploit script below demonstrates this technique (the Parallels Desktop path is quoted because it contains a space):

#!/bin/sh

# [...] payload creation

# Set the display name that the repackaging script reads from the bundle's Info.plist
defaults write /tmp/poc.app/Contents/Info.plist CFBundleDisplayName createinstallmedia

# Hand the crafted bundle to Parallels Desktop, which triggers the privileged repackaging
open /tmp/poc.app -a "/Applications/Parallels Desktop.app"

# [...] directory monitoring loop replaces binary post-validation

# Swap the payload in after the signature check has passed but before execution
mv /tmp/payload /tmp/poc.app/Contents/Resources/createinstallmedia

2. Weak Signature Requirement Exploit
The signature check uses the overly permissive code-signing requirement anchor apple, which is satisfied by any binary signed by Apple (e.g. /bin/ls), not just the genuine createinstallmedia.

Because the requirement says nothing about which Apple binary is presented or how it is hardened, an attacker can substitute a different Apple-signed binary and obtain code execution as root by hijacking one of the dynamic libraries (dylibs) that binary loads.
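The ordering problem behind the TOCTOU bypass is easier to see in code. The script below is an added example, not Parallels' code or the researcher's PoC: it models the patched check-then-execute sequence next to an ordering that cannot be raced (snapshot the tool into a directory only the privileged service can write to, verify the snapshot, execute the snapshot). cksum is a stand-in for codesign so it runs anywhere; on macOS the verification step would be codesign -v against a strict requirement, applied to the private copy. RACE_WINDOW, file_sum, check_then_run, copy_verify_run and run_against_swapping_attacker are names chosen for this example.

```sh
#!/bin/sh
# Added example (not Parallels' code). RACE_WINDOW is an artificial delay
# (default 0) that widens the check-to-use gap so the demo wins the race
# deterministically; real code has the same gap, just a much shorter one.

file_sum() { cksum < "$1" | cut -d' ' -f1; }

# Vulnerable ordering: verify the file in place inside the user-controlled
# bundle, then execute the same path. Whatever occupies that path when
# execution finally happens is what runs, verified or not.
check_then_run() {
    tool=$1; expected_sum=$2
    [ "$(file_sum "$tool")" = "$expected_sum" ] || return 1
    sleep "${RACE_WINDOW:-0}"            # the TOCTOU window
    sh "$tool"
}

# Hardened ordering: snapshot first, then verify and run only the snapshot.
# $private must be owned by, and writable only by, the privileged service.
copy_verify_run() {
    tool=$1; expected_sum=$2; private=$3
    cp "$tool" "$private/createinstallmedia" || return 1
    [ "$(file_sum "$private/createinstallmedia")" = "$expected_sum" ] || return 1
    sleep "${RACE_WINDOW:-0}"            # same delay; a swap in the bundle is now irrelevant
    sh "$private/createinstallmedia"
}

# Constructed scenario: a bundle with a benign tool and a payload, plus an
# "attacker" that swaps them during the window. Prints whatever the chosen
# checker actually executed ("legit" or "pwned").
run_against_swapping_attacker() {
    mode=$1
    work=$(mktemp -d)
    printf '#!/bin/sh\necho legit\n' > "$work/createinstallmedia"
    printf '#!/bin/sh\necho pwned\n' > "$work/payload"
    good_sum=$(file_sum "$work/createinstallmedia")
    mkdir -m 700 "$work/private"
    ( sleep 1; mv -f "$work/payload" "$work/createinstallmedia" ) &
    RACE_WINDOW=2
    if [ "$mode" = vulnerable ]; then
        result=$(check_then_run "$work/createinstallmedia" "$good_sum")
    else
        result=$(copy_verify_run "$work/createinstallmedia" "$good_sum" "$work/private")
    fi
    RACE_WINDOW=0
    wait
    rm -rf "$work"
    printf '%s\n' "$result"
}
```

run_against_swapping_attacker vulnerable prints pwned and run_against_swapping_attacker hardened prints legit against the identical attacker. The same snapshot-first ordering also addresses the second bypass only if the verification applied to the snapshot is stricter than anchor apple; a strict requirement on a racy path, or a weak requirement on a safe path, each leave one of the two doors open.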

Evolution of the Vulnerability Chain

Post-Patch Bypass in Version 19.4.1

Parallels introduced a new do_repack_manual function in version 19.4.1 to handle installer repackaging via 7z compression. The relevant excerpt, still executed as root:

do_repack_manual() {

    # [...] path manipulation vulnerability

    # Volume name read verbatim from the user-supplied bundle's Info.plist...
    local result_vol_name="$(defaults read "$source_app"/Contents/Info CFBundleDisplayName)"

    # ...and concatenated into a path with no sanitisation
    temp_result_dir="$temp_dir"/"$result_vol_name"

    mkdir "$temp_result_dir"

    # [...] attacker-controlled path leads to arbitrary code execution

    cp -R "$source_app" "$temp_result_dir"

}

Because result_vol_name comes straight from the attacker's Info.plist and is concatenated into a path, a CFBundleDisplayName containing ../ sequences moves the root-privileged mkdir and cp -R outside temp_dir. The PoC combines this traversal with symlink switching so that the copy lands on the 7z binary Parallels itself later executes, as shown in the second exploit script:

# Traverse out of temp_dir into an attacker-controlled location
defaults write /tmp/poc.app/Contents/Info.plist CFBundleDisplayName ../../../../../../tmp/lnk/result

# [...] symlink manipulation redirects root-owned directories

# Create the link with an initial target...
ln -s /tmp/redirect /tmp/lnk

# ...then retarget it (-f replaces the link, -n treats the existing link as a file rather than
# descending into it) so the privileged operation that follows it ends up under /tmp/dst
ln -sfn /tmp/dst /tmp/lnk
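To make the 19.4.1 defect concrete, the script below is an added example (not Parallels' code) that models the path construction from the do_repack_manual excerpt beside a hardened variant. The bundle's CFBundleDisplayName is passed in as an argument so the logic can be exercised offline; in the real routine it comes from defaults read "$source_app"/Contents/Info CFBundleDisplayName. vulnerable_result_dir and safe_result_dir are names chosen for this example.

```sh
#!/bin/sh
# Added example (not Parallels' code). Contrasts the unsanitised path join in
# do_repack_manual with a variant that rejects traversal, refuses to follow a
# pre-planted symlink, and confirms the created directory is inside temp_dir.

# Vulnerable pattern: the attacker-controlled name is concatenated into a path
# that root then creates and copies into. A name like ../../../../../../tmp/lnk/result
# escapes $temp_dir entirely.
vulnerable_result_dir() {
    temp_dir=$1; result_vol_name=$2
    printf '%s\n' "$temp_dir/$result_vol_name"
}

# Hardened variant. Prints the created directory and returns 0 on success,
# returns 1 on rejection. $temp_dir must itself be a directory only the
# privileged service can write to, or its contents can be swapped under us.
safe_result_dir() {
    temp_dir=$1; result_vol_name=$2

    # 1. No empty names, dot entries, path separators, or option-looking names
    #    (a leading '-' could be parsed as a flag by cp or 7z later on).
    case "$result_vol_name" in
        ''|.|..|*/*|-*) return 1 ;;
    esac

    # 2. Conservative allow-list: letters, digits, space, dot, underscore, hyphen.
    stray=$(printf '%s' "$result_vol_name" | tr -d 'A-Za-z0-9 ._-')
    [ -z "$stray" ] || return 1

    # 3. Canonicalise the (existing) temp dir so the prefix check below is exact.
    canon_temp=$(cd "$temp_dir" 2>/dev/null && pwd -P) || return 1

    # 4. mkdir fails if anything, including a dangling symlink, already occupies
    #    the name. That defeats the /tmp/lnk switching used by the PoC.
    mkdir "$canon_temp/$result_vol_name" 2>/dev/null || return 1

    # 5. Re-resolve what was created and insist it is still directly under temp_dir.
    canon_result=$(cd "$canon_temp/$result_vol_name" 2>/dev/null && pwd -P) || return 1
    case "$canon_result" in
        "$canon_temp"/*) printf '%s\n' "$canon_result" ;;
        *) rmdir "$canon_result" 2>/dev/null; return 1 ;;
    esac
}
```

With the traversal name from the PoC, vulnerable_result_dir happily returns /tmp/prl/../../../../../../tmp/lnk/result while safe_result_dir rejects it at the first case statement; a name that is merely a symlink planted in temp_dir is rejected at the mkdir step instead.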

Unresolved Vendor Response Timeline

The researcher reported the bypass to Trend Micro's Zero Day Initiative (ZDI) on May 31, 2024, but confirmation was delayed by a discrepancy over which Parallels version the report applied to.

Despite Parallels releasing incremental updates, the core privilege escalation risk remains unaddressed, with the following critical impacts:

  • Full root access obtained through trivial path manipulation in a bundle the attacker controls
  • Silent code execution as root with no user-visible prompt, since the vulnerable code runs inside Parallels' privileged service rather than in the user's session
  • Weaponization potential in supply-chain style attacks, for example a tampered macOS installer image distributed to Parallels Desktop users

Mitigation Recommendations

Until Parallels issues an official patch, users should:

  1. Limit Exposure of the Privileged Service:
    The vulnerable repackaging path runs inside prl_disp_service, Parallels' root daemon, so restrict which local accounts can use Parallels Desktop and remove it from hosts that do not need it. Note that the macOS Automation privacy controls (System Settings > Privacy & Security > Automation) govern Apple Events between applications and do not disable this service.
  2. Audit Installer Sources:
    Only repackage macOS installer images (ISO/DMG or Install macOS *.app bundles) obtained directly from Apple, and never bundles supplied by another user of the same machine, since the attack needs nothing more than a crafted Info.plist inside the bundle.
  3. Monitor File System Activity:
    Alert on prl_disp_service or other root processes writing under /Library/ or modifying binaries inside Parallels Desktop's Contents/Resources directory, the 7z binary in particular, since overwriting it is the final step of the published exploit.

This disclosure underscores the persistent risk in privileged helper services that operate on user-supplied input: a signature check is only as strong as its requirement string, and only meaningful if the object it verifies is the same object that is later executed.

Users and enterprises relying on Parallels Desktop for macOS virtualization should treat this as an active threat until the vendor releases a comprehensive fix.

