PT-2025-43003 · Oracle+1 · Virtualbox+1
Published
2025-10-21
·
Updated
2025-12-16
·
CVE-2025-62591
CVSS v3.1
6.0
Medium
| Vector | AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Oracle VM VirtualBox versions 7.1.12 and 7.2.2
Description
A flaw exists within the Core component of Oracle VM VirtualBox, potentially allowing a high-privileged attacker with access to the system where Oracle VM VirtualBox is running to compromise the software. Successful exploitation could lead to unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. Attacks may significantly impact additional products.
Recommendations
Update Oracle VM VirtualBox version 7.1.12 to a newer, fixed version.
Update Oracle VM VirtualBox version 7.2.2 to a newer, fixed version.
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Virtualbox
Red Os