What the vulnerability does

01Description

A flaw was found in the QEMU Guest Agent service for Windows. A local unprivileged user may be able to manipulate the QEMU Guest Agent's Windows installer via repair custom actions to elevate their privileges on the system.

Key dates

02Disclosure timeline

March 29, 2023 CVE published
February 18, 2025 Record updated