Analysis and contextual insights are available on OpenCVE Cloud.
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
No advisories yet.
Tue, 07 Jul 2026 19:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Parsec Elevated Privilege Vulnerability via AppData Manipulation |
Tue, 07 Jul 2026 11:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Parsec Elevation of Privilege via AppData Manipulation |
Mon, 06 Jul 2026 16:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Mon, 06 Jul 2026 09:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Parsec Elevation of Privilege via AppData Manipulation |
Mon, 06 Jul 2026 00:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Privileged API Misuse in Unity Parsec Enabling SYSTEM Account Elevation |
Sun, 05 Jul 2026 20:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Privileged API Misuse in Unity Parsec Enabling SYSTEM Account Elevation |
Sun, 05 Jul 2026 00:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Parsec Windows Elevation of Privilege via Incorrect Use of Privileged APIs |
Sat, 04 Jul 2026 08:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Title | Parsec Windows Elevation of Privilege via Incorrect Use of Privileged APIs |
Sat, 04 Jul 2026 01:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | An Incorrect Use of Privileged APIs vulnerability in Unity Parsec on Windows hosts leads to a potential Elevation of Privilege. This issue affects Parsec through v2026-05-04.0. The patched version is Parsec for Windows version 150-104a. A user can generate a situation where there is an instance of parsecd.exe running as NT AUTHORITY\SYSTEM with a user-controlled value of the AppData environment variable. | |
| First Time appeared |
Unity
Unity parsec |
|
| Weaknesses | CWE-648 | |
| CPEs | cpe:2.3:a:unity:parsec:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Unity
Unity parsec |
|
| References |
| |
| Metrics |
cvssV3_1
|
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2026-07-06T15:35:01.009Z
Reserved: 2026-06-14T04:15:58.932Z
Link: CVE-2026-54424
Updated: 2026-07-06T15:34:54.283Z
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-08T10:45:03Z