Vulnerabilities (CVE)

Filtered by vendor Unity Subscribe
Filtered by product Parsec
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-37250 1 Unity 1 Parsec 2024-11-21 N/A 7.0 HIGH
Unity Parsec has a TOCTOU race condition that permits local attackers to escalate privileges to SYSTEM if Parsec was installed in "Per User" mode. The application intentionally launches DLLs from a user-owned directory but intended to always perform integrity verification of those DLLs. This affects Parsec Loader versions through 8. Parsec Loader 9 is a fixed version.