← back
CVE-2013-4536

CVE-2013-4536

EPSS 0.3%CWE-269
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 0.3%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
28 May 2021Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
An user able to alter the savevm data (either on the disk or over the wire during migration) could use this flaw to to corrupt QEMU process memory on the (destination) host, which could potentially result in arbitrary code execution on the host with the privileges of the QEMU process.
Affected products
n/a · qemu

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →