CVE-2025-13433 - Muse Group MuseHub Windows Service Muse.Updater.exe unquoted search path

CVE ID : CVE-2025-13433 Published : Nov. 20, 2025, 12:32 a.m. | 1 hour, 37 minutes ago Description : A security flaw has been discovered in Muse Group MuseHub 2.1.0.1567. The affected element is an unknown function of the file C:\Program Files\WindowsApps\Muse.MuseHub_2.1.0.1567_x64__rb9pth70m6nz6\Muse.Updater.exe of the component Windows Service. The manipulation results in unquoted search path. The attack is only possible with local access. A high complexity level is associated with this attack. The exploitability is described as difficult. The vendor was contacted early about this disclosure but did not respond in any way. Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...