Oracle VM VirtualBox Core Component Takeover Vulnerability

Vulnerability

A vulnerability has been identified in the Oracle VM VirtualBox product, specifically in the core component, affecting versions 7.1.12 and 7.2.2. This vulnerability allows a low-privileged attacker with access to the environment where Oracle VM VirtualBox runs to compromise the application. Exploitation of this vulnerability requires human interaction from a third party. While the issue resides within Oracle VM VirtualBox, successful attacks could have a broader impact on additional products.

Impact

Exploitation of this vulnerability can lead to a complete takeover of Oracle VM VirtualBox.

Added: Oct 21, 2025, 9:11 PM

Updated: Oct 21, 2025, 9:11 PM

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

0.0

exploitability

3.0

remediation

0.0

relevance

0.8

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

0.0

exploitability

3.0

remediation

0.0

relevance

0.8

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Oracle VM VirtualBox Core Component Takeover Vulnerability

Vulnerability

Impact

Affected Products

Oracle VM VirtualBox

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating