Back to directory
WRITEUP #2691

Exploiting an Unbounded memcpy in Parallels Desktop: A Pwn2Own 2021 Guest-to-Host Virtualization Escape

OtherMemory corruption
by@ret2systems(RET2 Systems)
Bounty
40,000
Program
Parallels
Published
May 19, 2022
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://blog.ret2.io/2022/05/19/pwn2own-2021-parallels-desktop-exploit/
RELATED WRITEUPS
Ghost In The Ppl Part 1: Byovdll
OtherUse-After-Free
Part 2: From Byovdll To Arbitrary Code Execution In Lsass
OtherUse-After-Free
Ghost in the PPL Part 3: LSASS Memory Dump
OtherUse-After-Free
CVE-2024-37079:
OtherInteger underflow
Vulnerabilities in NodeJS C/C++ add-on extensions
OtherMemory corruption

Built with ❤️ by Shubham Rawat