CVE-2020-14711

Name of the Vulnerable Software and Affected Versions Oracle VM VirtualBox versions prior to 5.2.44 Oracle VM VirtualBox versions prior to 6.0.24 Oracle VM VirtualBox versions prior to 6.1.12

Description The issue is related to insufficient input validation in the Core component of Oracle VM VirtualBox. Exploitation of this issue may allow an attacker to impact the confidentiality, integrity, and availability of protected information. The vulnerability can be easily exploited by a highly privileged attacker with logon access to the infrastructure where Oracle VM VirtualBox is executed, and successful attacks require human interaction from a person other than the attacker. This can result in the takeover of Oracle VM VirtualBox.

Recommendations For versions prior to 5.2.44, update to version 5.2.44 or later. For versions prior to 6.0.24, update to version 6.0.24 or later. For versions prior to 6.1.12, update to version 6.1.12 or later.