CVE-2018-20621

HIGH

7.8

CVSS Severity Score

EPSS Score0.0050%

EPSS Percentile6.58th

PublishedMar 13, 2019

Last ModifiedNov 21, 2024

Vulnerability Description

An issue was discovered in Microvirt MEmu 6.0.6. The MemuService.exe service binary is vulnerable to local privilege escalation through binary planting due to insecure permissions set at install time. This allows code to be run as NT AUTHORITY/SYSTEM.

Affected Platforms (CPE)

📦

Microvirt

Memu

= 6.0.6

References & Advisories

🔗 https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2018-20621

Related Vulnerabilities

CVE-2019-145149.8

An issue was discovered in Microvirt MEmu all versions prior to 7.0.2. A guest Android operating system inside the MEmu emulator c...

CVE-2019-255689.8

Memu Play 6.0.7 contains an insecure file permissions vulnerability that allows low-privilege users to escalate privileges by repl...

CVE-2020-371299.8

Memu Play 7.1.3 contains an insecure folder permissions vulnerability that allows low-privileged users to modify the MemuService.e...

CVE-2020-369377.8

Microvirt MEMU Play 3.7.0 contains an unquoted service path vulnerability in the MEmusvc Windows service that allows local attacke...