What is CVE-2025-31359?

CVE-2025-31359 is a high-severity vulnerability in Parallels Desktop For Mac, classified under Path Traversal. CVSS score: 8.8/10. Published 2025-06-03.

How severe is CVE-2025-31359?

High severity. CVSS v3 base score is 8.8 out of 10.

Path Traversal in Parallels Desktop For Mac

CVE-2025-31359

A directory traversal vulnerability exists in the PVMP package unpacking functionality of Parallels Desktop for Mac version 20.2.2 (55879). This vulnerability can be exploited by an attacker to write to arbitrary files, potentially leading…

Vulnerability class: Path Traversal (Directory Traversal)

EPSS: 0.003 (54.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.8 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H.

Affected products

Parallels Desktop For Mac — versions 20.2.2 (55879)

Weakness classification (CWE)

CWE-22 — Path Traversal

References

https://talosintelligence.com/vulnerability_reports/TALOS-2025-2160

Frequently asked questions

What is CVE-2025-31359?: CVE-2025-31359 is a high-severity vulnerability in Parallels Desktop For Mac, classified under Path Traversal. CVSS score: 8.8/10. Published 2025-06-03.
How severe is CVE-2025-31359?: High severity. CVSS v3 base score is 8.8 out of 10.