A critical zero-day vulnerability in Parallels Desktop virtualization software has been publicly disclosed after seven months of unresolved reporting, enabling attackers to escalate privileges to the root level on macOS systems.
The proof-of-concept (PoC) exploit code demonstrates two distinct bypass methods that circumvent existing patches for CVE-2024-34331, a previously addressed privilege escalation flaw.
https://gbhackers.com/parallels-desktop-0-day-exploit/