Oracle VM VirtualBox Core Component Privilege Escalation Vulnerability

Vulnerability

A vulnerability has been identified in the Oracle VM VirtualBox product, specifically in the Core component. This issue affects Oracle VM VirtualBox versions 7.1.14 and 7.2.4. The vulnerability allows a high-privileged attacker with access to the infrastructure where Oracle VM VirtualBox is running to compromise the application. Although the vulnerability resides within Oracle VM VirtualBox, successful exploitation could have a significant impact on other products, indicating a scope change. Exploitation of this vulnerability could lead to a complete takeover of Oracle VM VirtualBox.

Impact

Exploitation of this vulnerability allows for a complete takeover of Oracle VM VirtualBox. However, due to the scope change, successful attacks could also significantly impact additional products.

Added: Jan 20, 2026, 10:58 PM

Updated: Jan 20, 2026, 10:58 PM

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

10.0

exploitability

2.8

remediation

0.0

relevance

2.2

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

7.8

impact

10.0

exploitability

2.8

remediation

0.0

relevance

2.2

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Oracle VM VirtualBox Core Component Privilege Escalation Vulnerability

Vulnerability

Impact

Affected Products

Oracle VM VirtualBox

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating