CVE-2024-21259

CVSS 3.1 Score 7.5 of 10 (high)

Details

Published Oct 15, 2024

Summary

CVE-2024-21259 is a vulnerability affecting Oracle VM VirtualBox versions prior to 7.0.22 and 7.1.2, which can be exploited by high-privileged attackers with local access to the infrastructure where the software runs. This vulnerability poses significant risks, as successful exploitation may lead to complete takeover of the Oracle VM VirtualBox environment, impacting confidentiality, integrity, and availability with a CVSS score of 7.5. Remediation involves upgrading to the latest supported versions of Oracle VM VirtualBox to mitigate these risks. The complexity of the attack is rated as high, requiring specific privileges but no user interaction. Failure to address this vulnerability could lead to severe consequences for organizations relying on this virtualization technology.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Advisories, Assessments, and Mitigations

Back to Vulnerability Database