Privilege Escalation Vulnerability in Oracle VM VirtualBox by Oracle
CVE-2023-22099
8.2HIGH
Summary
An exploitable vulnerability exists in Oracle VM VirtualBox that allows a high-privileged attacker with access to the infrastructure where the virtualization software runs to compromise the system. The flaw primarily affects versions prior to 7.0.12, and while it is confined to Oracle VM VirtualBox, successful exploitation could lead to significant security ramifications across related systems and services. Thus, organizations utilizing Oracle VM VirtualBox need to prioritize the application of security updates to mitigate potential risks.
Affected Version(s)
VM VirtualBox * < 7.0.12
References
CVSS V3.1
Score:
8.2
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Changed
Timeline
Vulnerability published
Vulnerability Reserved
Collectors
NVD DatabaseMitre Database