← Back

CVE-2025-53029

nvd nist
Published: Jul 15, 2025Modified: Jul 16, 2025

JSON object

Loading...
2.3
Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
Exploitability: 0.8 / Impact: 1.4
Source: secalert_us@oracle.com (Secondary)

Description

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.1.10. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 2.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N).

Affected (1)

Oracle
1 product
Vm Virtualbox
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Vm Virtualbox
Version 7.1.10

Related CWEs

CWE-269
Improper Privilege Management
The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

References (1)

Source: secalert_us@oracle.com
Vendor Advisory

Timeline

No history available yet.