{
  "threat_severity" : "Moderate",
  "public_date" : "2023-02-20T00:00:00Z",
  "bugzilla" : {
    "description" : "QEMU: local privilege escalation via the QEMU Guest Agent on Windows",
    "id" : "2167423",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2167423"
  },
  "cvss3" : {
    "cvss3_base_score" : "7.8",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-250->CWE-269",
  "details" : [ "A flaw was found in the QEMU Guest Agent service for Windows. A local unprivileged user may be able to manipulate the QEMU Guest Agent's Windows installer via repair custom actions to elevate their privileges on the system.", "A flaw was found in the QEMU Guest Agent service for Windows. A local unprivileged user may be able to manipulate the QEMU Guest Agent's Windows installer via repair custom actions to elevate their privileges on the system." ],
  "statement" : "This flaw has been rated as having a security impact of Moderate. The flaw affects Windows VMs using virtio-win drivers with QEMU Guest Agent installed in the guest. This is not a VM escape vulnerability, meaning that it does not allow a malicious user to break out of the guest.",
  "acknowledgement" : "Red Hat would like to thank Brian Wiltse for reporting this issue.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2023-05-09T00:00:00Z",
    "advisory" : "RHBA-2023:2451",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "virtio-win-0:1.9.33-0.el9_2"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Out of support scope",
    "package_name" : "virtio-win",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Will not fix",
    "package_name" : "virtio-win",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2023-0664\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-0664" ],
  "name" : "CVE-2023-0664",
  "mitigation" : {
    "value" : "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability.",
    "lang" : "en:us"
  },
  "csaw" : false
}