Sign In

CVE-2025-62592

📊 6.0 MEDIUM0.0%🎯 0 exploits
📅 Published Oct 21, 2025
📋 Status: Analyzed

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.12 and 7.2.2. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N).

🎯 Affected Products & Systems

2 product configurations affected

Filter by type:
📱
oracle / vm virtualbox
Application
Vulnerable
Version: 7.1.12
CPE:
cpe:2.3:a:oracle:vm_virtualbox:7.1.12:*:*:*:*:*:*:*
📱
oracle / vm virtualbox
Application
Vulnerable
Version: 7.2.2
CPE:
cpe:2.3:a:oracle:vm_virtualbox:7.2.2:*:*:*:*:*:*:*
Metrics
6.0 MEDIUMCVSS v3.1[email protected]
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
Attack Vector:
LOCAL
Complexity:
LOW
Privileges:
HIGH
User Interaction:
NONE
Confidentiality:
HIGH
Integrity:
NONE
Availability:
NONE
Scope:
CHANGED

🔍 Technical Details

Analysis Status
Analyzed
CVSS Details
6.0 (MEDIUM)v3.1
Source: [email protected]
EPSS Details
0.0% (Minimal)4.6th percentile
Last updated: Oct 30, 2025
Exploitation probability within 30 days
Published Date
Oct 21, 2025 (10 days ago)
Last Modified
Oct 23, 2025 (9 days ago)
Security Weaknesses1
References2