MEMU PLAY 3.7.0 - 'MEmusvc' Unquoted Service Path | Advisories

Advisories

MEMU PLAY 3.7.0 - 'MEmusvc' Unquoted Service Path

severity: high
date: January 25, 2026
Affecting: MEMU PLAY 3.7.0
CVE: CVE-2020-36937
CWE: CWE-428 Unquoted Search Path or Element
CVSS: 8.5
CVSS V4 Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
References: ExploitDB-49016
Official MEMU Play Product Homepage
Credit: SamAlucard
Description: Microvirt MEMU Play 3.7.0 contains an unquoted service path vulnerability in the MEmusvc Windows service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted binary path to inject malicious executables that will be run with elevated LocalSystem privileges.