PT-2025-43001 · Oracle+1 · Virtualbox+1
Published
2025-10-21
·
Updated
2025-12-16
·
CVE-2025-62589
CVSS v3.1
8.2
High
| Vector | AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Oracle VM VirtualBox versions 7.1.12 through 7.2.2
Description
An issue exists in the Oracle VM VirtualBox product, specifically within the Core component. A high-privileged attacker with local access can compromise Oracle VM VirtualBox, potentially leading to a full takeover of the system. Successful exploitation can have a significant impact, potentially affecting additional products.
Recommendations
Oracle VM VirtualBox version 7.1.12 should be updated.
Oracle VM VirtualBox version 7.2.2 should be updated.
Fix
LPE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Virtualbox
Red Os