Vulnerability CVE-2023-37250
Published: 2023-08-20

Description:
Unity Parsec before 8 has a TOCTOU race condition that permits local attackers to escalate privileges to SYSTEM if Parsec was installed in "Per User" mode. The application intentionally launches DLLs from a user-owned directory but intended to always perform integrity verification of those DLLs.

 References:
https://www.kb.cert.org/vuls/id/287122
https://unity3d.com
Copyright 2026, cxsecurity.com

 

Back to Top