Unauthorized Access Vulnerability in Oracle VM VirtualBox by Oracle
CVE-2025-53025

6MEDIUM

Key Information:

Vendor: Oracle
Status: Oracle Vm Virtualbox
Vendor: CVE Published:; 15 July 2025

What is CVE-2025-53025?

An unauthorized access vulnerability has been identified in Oracle VM VirtualBox, affecting version 7.1.10. This security flaw allows a high-privileged attacker with logon access to the virtualization infrastructure to exploit the system, potentially leading to significant unauthorized access to critical data. Although the vulnerability resides within Oracle VM VirtualBox, its exploitation could affect additional products connected to this virtualization platform. This incident could undermine the confidentiality of stored data and capabilities within the Oracle VM environment.

Affected Version(s)

Oracle VM VirtualBox 7.1.10

References

https://www.oracle.com/security-alerts/cpujul2025.html

vendor-advisory

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 15, 2025
Vulnerability Reserved
Jun 24, 2025