CVE-2024-21164

Summary

CVE-2024-21164 is a vulnerability affecting Oracle VM VirtualBox, a component of Oracle Virtualization, prior to version 7.0.20. This issue can be exploited by high privileged attackers with access to the infrastructure where Oracle VM VirtualBox runs, enabling unauthorized read access to a subset of the product's data. Although the vulnerability resides within Oracle VM VirtualBox, potential attacks could have far-reaching consequences and impact additional products. The Base Score of this vulnerability according to the Common Vulnerability Scoring System (CVSS) is 2.5, with a Confidentiality impact. The CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N) indicates that attackers need local access to exploit it, and the attack complexity is high, while the impact on confidentiality is low.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.