CVE-2018-20621

Name of the Vulnerable Software and Affected Versions: Microvirt MEmu version 6.0.6

Description: An issue was discovered in Microvirt MEmu. The MemuService.exe service binary is vulnerable to local privilege escalation through binary planting due to insecure permissions set at install time. This allows code to be run as NT AUTHORITY/SYSTEM.

Recommendations: For Microvirt MEmu version 6.0.6, consider restricting access to the MemuService.exe service binary to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.