CVE-2025-53030

Published Jul 15, 2025

Last updated 2 days ago

CVSS medium 6.0

Overview

Description: Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is 7.1.10. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N).
Source: secalert_us@oracle.com
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 6
Impact score: 4
Exploitability score: 1.5
Vector string: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
Severity: MEDIUM

Weaknesses

134c704f-9b21-4f2e-91b3-4a467353bcc0: CWE-269

Hype score: Not currently trending

CVE-2025-53030 Oracle VM VirtualBox Core Vulnerability Enables Unauthorized Critical Data Access https://t.co/3IzvjMWenk
@VulmonFeeds
16 Jul 2025
69 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:oracle:vm_virtualbox:7.1.10:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "1E61CF6C-C865-4F63-886F-644402FAC3FF"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

References

Sources include official advisories and independent security research.

Overview

Risk scores

CVSS 3.1

Weaknesses

Social media

Configurations

References