CVE-2025-53030
📊 6.0 MEDIUM⚡ 0.0%🎯 0 exploits
📅 Published Jul 15, 2025
📋 Status: Analyzed
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.1.10. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N).
CVSS v3.1 • [email protected]
🎯 Affected Products & Systems
1 product configurations affected
Filter by type:
| Type | Vendor | Product | Version Range | Status | CPE String |
|---|---|---|---|---|---|
📱App | oracle | vm virtualbox | 7.1.10 | Vulnerable | cpe:2.3:a:oracle:vm_virtualbox:7.1.10:*:*:*:*:*:*:* |
📱
VulnerableApplication
Version: 7.1.10
CPE:
cpe:2.3:a:oracle:vm_virtualbox:7.1.10:*:*:*:*:*:*:*
Metrics
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
Attack Vector:
LOCAL
Complexity:
LOW
Privileges:
HIGH
User Interaction:
NONE
Confidentiality:
HIGH
Integrity:
NONE
Availability:
NONE
Scope:
CHANGED
🔍 Technical Details
Analysis Status
AnalyzedCVSS Details
6.0 (MEDIUM)v3.1
Source: [email protected]
EPSS Details
0.0% (Minimal)4.0th percentile
Last updated: Oct 30, 2025
Exploitation probability within 30 days
Published Date
Jul 15, 2025 (3 months ago)
Last Modified
Jul 16, 2025 (3 months ago)
Security Weaknesses1
CWE-269
References2
NVDgeneral