CVE-2024-21121

Summary

CVE-2024-21121 is a vulnerability affecting Oracle VM VirtualBox, a component of Oracle Virtualization, prior to version 7.0.16. This issue is classified as easily exploitable and allows low-privileged attackers to compromise Oracle VM VirtualBox with logon access to the affected infrastructure. The impact goes beyond Oracle VM VirtualBox as additional products may also be significantly affected (scope change). Successful exploitation can lead to unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data, with a CVSS 3.1 Base Score of 6.5 (Confidentiality impacts).

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.