Singi@Theori

**Name of the Vulnerable Software and Affected Versions** Parallels Desktop version 15.1.4 **Description** This issue allows local attackers to disclose sensitive information on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this issue. The specific flaw exists within the `prl hypervisor` kext. By examining a log file, an attacker can disclose a memory address. This can be leveraged in conjunction with other issues to escalate privileges and execute code in the context of the kernel. **Recommendations** For Parallels Desktop version 15.1.4, at the moment, there is no information about a newer version that contains a fix for this issue.