Core Vulnerability in Oracle VM VirtualBox by Oracle
CVE-2025-53030

6MEDIUM

Key Information:

Vendor: Oracle
Status: Oracle Vm Virtualbox
Vendor: CVE Published:; 15 July 2025

What is CVE-2025-53030?

A significant vulnerability exists in the Oracle VM VirtualBox product, specifically within the core component that affects version 7.1.10. This vulnerability can be easily exploited by a high-privileged attacker with access to the infrastructure hosting Oracle VM VirtualBox, potentially leading to unauthorized access to sensitive data. Although primarily affecting Oracle VM VirtualBox, the implications of this vulnerability could extend to other products within the same environment, resulting in a broader risk of data exposure. Prompt action is advised to mitigate the threat posed by this exposure.

Affected Version(s)

Oracle VM VirtualBox 7.1.10

References

https://www.oracle.com/security-alerts/cpujul2025.html

vendor-advisory

CVSS V3.1

Score:

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jul 15, 2025
Vulnerability Reserved
Jun 24, 2025