CVE-2018-20621

HIGH

7.8

CVSS Severity Score

EPSS Score0.0050%

EPSS Percentile6.58th

Published2019年3月13日

Last Modified2024年11月21日

Vulnerability Description

An issue was discovered in Microvirt MEmu 6.0.6. The MemuService.exe service binary is vulnerable to local privilege escalation through binary planting due to insecure permissions set at install time. This allows code to be run as NT AUTHORITY/SYSTEM.

Affected Platforms (CPE)

📦

Microvirt

Memu

= 6.0.6

References & Advisories

🔗 https://github.com/RhinoSecurityLabs/CVEs/tree/master/CVE-2018-20621

関連する脆弱性情報

CVE-2019-145149.8

An issue was discovered in Microvirt MEmu all versions prior to 7.0.2. A guest Android operating system inside the MEmu emulator c...

CVE-2019-255689.8

Memu Play 6.0.7 contains an insecure file permissions vulnerability that allows low-privilege users to escalate privileges by repl...

CVE-2020-371299.8

Memu Play 7.1.3 contains an insecure folder permissions vulnerability that allows low-privileged users to modify the MemuService.e...

CVE-2020-369377.8

Microvirt MEMU Play 3.7.0 contains an unquoted service path vulnerability in the MEmusvc Windows service that allows local attacke...