Oracle · VirtualBox · CVE-2022-39427
**Name of the Vulnerable Software and Affected Versions**
Oracle VM VirtualBox versions prior to 6.1.40
**Description**
The issue is related to insufficient input validation in the Core component of Oracle VM VirtualBox. It allows a low-privileged attacker with logon access to the infrastructure to compromise Oracle VM VirtualBox. Successful attacks can result in the takeover of Oracle VM VirtualBox. This vulnerability applies to Windows systems only.
**Recommendations**
For versions prior to 6.1.40, update to version 6.1.40 or later to resolve the issue. As a temporary workaround, consider restricting access to the Oracle VM VirtualBox Core component to minimize the risk of exploitation.