Impact
An issue in Microvirt MEmu Android Emulator 9.2.7.0 allows a local attacker to gain higher privileges by exploiting the MemuService.exe component. The flaw enables unauthorized escalation of privileges on the host system, potentially allowing the attacker to execute arbitrary code with elevated rights. This weakness is an access control failure (CWE-269).
Affected Systems
The vulnerability affects Microvirt MEmu Android Emulator version 9.2.7.0. No other versions or variants are explicitly listed.
Risk and Exploitability
The CVSS base score is 7.8, indicating a high severity local privilege escalation. Although the EPSS score is below 1%, meaning exploitation is considered unlikely at the time, the vulnerability is not listed in the CISA KEV catalog. The likely attack vector is local; an attacker must have physical or local software access to the host machine to run MemuService.exe and trigger the escalation. Due to the local nature, protective measures such as limiting service privileges or isolating the emulator can mitigate risk.
OpenCVE Enrichment