CyberSec.Space Logo
Back to CVE Browser

CVE-2019-25568

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0060%
EPSS Percentile14.43th
PublishedMar 21, 2026
Last ModifiedApr 21, 2026

Vulnerability Description

Memu Play 6.0.7 contains an insecure file permissions vulnerability that allows low-privilege users to escalate privileges by replacing the MemuService.exe executable. Attackers can rename and overwrite MemuService.exe in the installation directory with a malicious executable, which executes with system-level privileges when the service restarts after a computer reboot.

Affected Platforms (CPE)

πŸ“¦
Microvirt

Memu

<= 6.0.7

References & Advisories

πŸ”— https://www.exploit-db.com/exploits/46437
πŸ”— https://www.memuplay.com/
πŸ”— https://www.memuplay.com/download-en.php?file_name=Memu-Setup&from=official_release
πŸ”— https://www.vulncheck.com/advisories/memu-play-privilege-escalation-via-insecure-file-permissions

Related Vulnerabilities

CVE-2019-145149.8

An issue was discovered in Microvirt MEmu all versions prior to 7.0.2. A guest Android operating system inside the MEmu emulator c...

CVE-2020-371299.8

Memu Play 7.1.3 contains an insecure folder permissions vulnerability that allows low-privileged users to modify the MemuService.e...

CVE-2018-206217.8

An issue was discovered in Microvirt MEmu 6.0.6. The MemuService.exe service binary is vulnerable to local privilege escalation th...

CVE-2020-369377.8

Microvirt MEMU Play 3.7.0 contains an unquoted service path vulnerability in the MEmusvc Windows service that allows local attacke...