Security Vulnerability Report
CVE-2025-62587 (CVSS 8.2 HIGH)

Published: 2025-10-21 20:20:55
Last Modified: 2025-10-23 16:01:14

Description

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.12 and 7.2.2. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).

Reading the vector: AV:L and PR:H mean the attacker must already hold a privileged logon on the system where VirtualBox runs. Oracle's text does not say whether that logon is on the host or inside a guest VM, so treat both as in scope until the advisory's risk-matrix notes say otherwise. S:C (scope change) means a successful attack affects resources beyond VirtualBox's own security authority, which is why the base score reaches 8.2 despite the local vector and high privilege requirement. NVD records the weakness as CWE-267 (Privilege Defined With Unsafe Actions). No exploit details are public as of this page's last modification.

CVSS Details

CVSS Score
8.2
Severity
HIGH
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Configurations (Affected Products)

cpe:2.3:a:oracle:vm_virtualbox:7.1.12:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:a:oracle:vm_virtualbox:7.2.2:*:*:*:*:*:*:* - VULNERABLE
Oracle VM VirtualBox < 7.1.13
Oracle VM VirtualBox 7.2.x < 7.2.3
(The two range lines are inferred from the affected versions in the CPE entries above. Oracle's CPU advisory names the actual patched releases; check it rather than assuming the next point release is the fix.)

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only. It only detects whether the installed VirtualBox is one of the two affected releases and whether the caller holds the privileges the vector requires; it does not trigger the vulnerability, as no exploit details are public.
```python
# CVE-2025-62587 - Oracle VM VirtualBox Core Component Vulnerability PoC (Conceptual)
# NOTE: This is a conceptual PoC. Actual exploitation requires specific conditions
# and high-privileged local access to the VirtualBox environment.
#
# The vulnerability exists in the Core component of Oracle VM VirtualBox
# versions 7.1.12 and 7.2.2, allowing high-privileged attackers to compromise
# the VirtualBox installation.
#
# What this script actually does: it checks the installed VirtualBox version
# against the affected list and verifies the caller holds high privileges.
# It does not trigger the vulnerability; no exploit details are public.

import os
import re
import subprocess
import sys

# Affected releases from the advisory, as numeric tuples for exact comparison.
VULNERABLE_VERSIONS = [(7, 1, 12), (7, 2, 2)]


def parse_version(raw):
    """Turn VBoxManage --version output such as '7.1.12r169651' into (7, 1, 12).

    Comparing tuples instead of using str.startswith() avoids matching
    '7.2.2' against unaffected versions such as 7.2.20."""
    match = re.match(r'(\d+)\.(\d+)\.(\d+)', raw.strip())
    if not match:
        return None
    return tuple(int(part) for part in match.groups())


def check_virtualbox_version():
    """Check if the installed VirtualBox version is vulnerable"""
    try:
        result = subprocess.run(
            ['VBoxManage', '--version'],
            capture_output=True, text=True, timeout=10
        )
    except FileNotFoundError:
        print("[-] VBoxManage not found. VirtualBox may not be installed.")
        return False
    except Exception as e:
        print(f"[-] Error checking version: {e}")
        return False

    version = result.stdout.strip()
    print(f"[*] Detected VirtualBox version: {version}")
    if parse_version(version) in VULNERABLE_VERSIONS:
        print(f"[!] VULNERABLE: Version {version} is affected by CVE-2025-62587")
        return True
    print(f"[+] Version {version} is not in the known vulnerable list")
    return False


def check_privileges():
    """Check if running with high privileges (required for exploitation).

    This script assumes PR:H means root/Administrator on the machine running
    VirtualBox; Oracle's advisory text does not spell out where the logon is."""
    if os.name == 'nt':  # Windows
        try:
            import ctypes
            if ctypes.windll.shell32.IsUserAnAdmin():
                print("[*] Running with Administrator privileges")
                return True
            print("[-] Requires Administrator privileges (PR:H)")
            return False
        except Exception:
            return False
    # Unix/Linux/macOS
    if os.geteuid() == 0:
        print("[*] Running with root privileges")
        return True
    print("[-] Requires root privileges (PR:H)")
    return False


def main():
    print("=" * 60)
    print("CVE-2025-62587 - Oracle VM VirtualBox Core Vulnerability")
    print("CVSS 3.1: 8.2 (HIGH)")
    print("=" * 60)

    # Step 1: Verify target is vulnerable
    if not check_virtualbox_version():
        sys.exit(0)

    # Step 2: Verify privilege requirements
    if not check_privileges():
        print("[-] Insufficient privileges for exploitation")
        sys.exit(1)

    # Step 3: Conceptual exploitation
    # The actual exploitation involves interacting with the Core component
    # through VirtualBox APIs or command-line tools to trigger the vulnerability.
    # Specific exploit details are not yet publicly disclosed.
    print("[*] Target is vulnerable and privileges are sufficient")
    print("[*] Refer to Oracle CPU Oct 2025 advisory for patch information")
    print("[*] https://www.oracle.com/security-alerts/cpuoct2025.html")


if __name__ == '__main__':
    main()
```

References

https://www.oracle.com/security-alerts/cpuoct2025.html (Vendor Advisory: Oracle Critical Patch Update, October 2025)
Raw JSON Data

```json
{
  "cve": {
    "id": "CVE-2025-62587",
    "sourceIdentifier": "[email protected]",
    "published": "2025-10-21T20:20:54.983",
    "lastModified": "2025-10-23T16:01:13.590",
    "vulnStatus": "Analyzed",
    "cveTags": [],
    "descriptions": [
      {
        "lang": "en",
        "value": "Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.12 and 7.2.2. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H)."
      }
    ],
    "metrics": {
      "cvssMetricV31": [
        {
          "source": "[email protected]",
          "type": "Secondary",
          "cvssData": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H",
            "baseScore": 8.2,
            "baseSeverity": "HIGH",
            "attackVector": "LOCAL",
            "attackComplexity": "LOW",
            "privilegesRequired": "HIGH",
            "userInteraction": "NONE",
            "scope": "CHANGED",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "HIGH",
            "availabilityImpact": "HIGH"
          },
          "exploitabilityScore": 1.5,
          "impactScore": 6.0
        }
      ]
    },
    "weaknesses": [
      {
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary",
        "description": [
          {
            "lang": "en",
            "value": "CWE-267"
          }
        ]
      }
    ],
    "configurations": [
      {
        "nodes": [
          {
            "operator": "OR",
            "negate": false,
            "cpeMatch": [
              {
                "vulnerable": true,
                "criteria": "cpe:2.3:a:oracle:vm_virtualbox:7.1.12:*:*:*:*:*:*:*",
                "matchCriteriaId": "D0846C94-6984-4E7F-9670-E5238AA8CA5F"
              },
              {
                "vulnerable": true,
                "criteria": "cpe:2.3:a:oracle:vm_virtualbox:7.2.2:*:*:*:*:*:*:*",
                "matchCriteriaId": "613B5554-B57C-4AF9-AC10-E96278C44FC4"
              }
            ]
          }
        ]
      }
    ],
    "references": [
      {
        "url": "https://www.oracle.com/security-alerts/cpuoct2025.html",
        "source": "[email protected]",
        "tags": [
          "Vendor Advisory"
        ]
      }
    ]
  }
}
```