Security Vulnerability Report
CVE-2025-62591 CVSS 6.0 MEDIUM

CVE-2025-62591

Published: 2025-10-21 20:20:55
Last Modified: 2025-10-23 16:00:53

Description

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.12 and 7.2.2. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N).

CVSS Details

CVSS Score
6.0
Severity
MEDIUM
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

Configurations (Affected Products)

cpe:2.3:a:oracle:vm_virtualbox:7.1.12:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:a:oracle:vm_virtualbox:7.2.2:*:*:*:*:*:*:* - VULNERABLE
Oracle VM VirtualBox 7.1.12
Oracle VM VirtualBox 7.2.2

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
# CVE-2025-62591 - Oracle VM VirtualBox Core Component Information Disclosure
# Vulnerability Type: Local Information Disclosure / Privilege Escalation
# Affected Versions: VirtualBox 7.1.12, 7.2.2
# Requirements: Local access + High privileges (admin/root)
# CVSS: 6.0 (MEDIUM) - C:H/I:N/A:N
# Note: No public PoC is currently available for this vulnerability.
# The following demonstrates the conceptual exploitation approach.

import subprocess
import os
import sys


def check_virtualbox_version():
    """Check if the installed VirtualBox version is vulnerable"""
    try:
        result = subprocess.run(
            ["VBoxManage", "--version"],
            capture_output=True, text=True, timeout=10
        )
        version = result.stdout.strip()
        print(f"[*] Detected VirtualBox version: {version}")
        vulnerable_versions = ["7.1.12", "7.2.2"]
        for v in vulnerable_versions:
            if version.startswith(v):
                print(f"[!] VULNERABLE: Version {version} is affected by CVE-2025-62591")
                return True
        print(f"[+] Version {version} appears to be patched.")
        return False
    except FileNotFoundError:
        print("[-] VBoxManage not found. VirtualBox may not be installed.")
        return False
    except Exception as e:
        print(f"[-] Error checking version: {e}")
        return False


def enumerate_vm_data():
    """
    Enumerate VirtualBox managed data that may be accessible
    due to the Core component vulnerability.
    """
    print("[*] Attempting to enumerate VirtualBox VM data...")
    # List all registered VMs
    try:
        result = subprocess.run(
            ["VBoxManage", "list", "vms"],
            capture_output=True, text=True, timeout=10
        )
        vms = result.stdout.strip()
        if vms:
            print(f"[*] Found VMs:\n{vms}")
            # Extract VM names and attempt to read sensitive configuration
            for line in vms.split("\n"):
                if '"' in line:
                    vm_name = line.split('"')[1]
                    print(f"\n[*] Extracting data from VM: {vm_name}")
                    # Get VM details (may expose sensitive configuration)
                    details = subprocess.run(
                        ["VBoxManage", "showvminfo", vm_name],
                        capture_output=True, text=True, timeout=10
                    )
                    print(details.stdout)
    except Exception as e:
        print(f"[-] Error enumerating VMs: {e}")


def check_core_component_access():
    """Check access to VirtualBox Core component interfaces"""
    vbox_paths = [
        "/usr/lib/virtualbox",
        "/usr/lib64/virtualbox",
        "/Applications/VirtualBox.app/Contents/MacOS",
        "C:\\Program Files\\Oracle\\VirtualBox"
    ]
    for path in vbox_paths:
        if os.path.exists(path):
            print(f"[*] VirtualBox installation found at: {path}")
            # Check for accessible core component files
            try:
                files = os.listdir(path)
                core_files = [f for f in files if 'core' in f.lower() or 'vbox' in f.lower()]
                if core_files:
                    print(f"[*] Core component files accessible: {core_files[:10]}")
            except PermissionError:
                print(f"[-] Permission denied accessing: {path}")


if __name__ == "__main__":
    print("=" * 60)
    print("CVE-2025-62591 - Oracle VM VirtualBox Core PoC")
    print("Oracle VM VirtualBox Core Component Information Disclosure")
    print("=" * 60)
    if check_virtualbox_version():
        print("\n[!] System is vulnerable to CVE-2025-62591")
        enumerate_vm_data()
        check_core_component_access()
    else:
        print("\n[+] System does not appear to be vulnerable.")

References

https://www.oracle.com/security-alerts/cpuoct2025.html (Vendor Advisory)
Raw JSON Data

JSON
{
  "cve": {
    "id": "CVE-2025-62591",
    "sourceIdentifier": "[email protected]",
    "published": "2025-10-21T20:20:55.493",
    "lastModified": "2025-10-23T16:00:52.737",
    "vulnStatus": "Analyzed",
    "cveTags": [],
    "descriptions": [
      {
        "lang": "en",
        "value": "Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.12 and 7.2.2. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N)."
      }
    ],
    "metrics": {
      "cvssMetricV31": [
        {
          "source": "[email protected]",
          "type": "Secondary",
          "cvssData": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N",
            "baseScore": 6.0,
            "baseSeverity": "MEDIUM",
            "attackVector": "LOCAL",
            "attackComplexity": "LOW",
            "privilegesRequired": "HIGH",
            "userInteraction": "NONE",
            "scope": "CHANGED",
            "confidentialityImpact": "HIGH",
            "integrityImpact": "NONE",
            "availabilityImpact": "NONE"
          },
          "exploitabilityScore": 1.5,
          "impactScore": 4.0
        }
      ]
    },
    "weaknesses": [
      {
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary",
        "description": [
          {
            "lang": "en",
            "value": "CWE-267"
          }
        ]
      }
    ],
    "configurations": [
      {
        "nodes": [
          {
            "operator": "OR",
            "negate": false,
            "cpeMatch": [
              {
                "vulnerable": true,
                "criteria": "cpe:2.3:a:oracle:vm_virtualbox:7.1.12:*:*:*:*:*:*:*",
                "matchCriteriaId": "D0846C94-6984-4E7F-9670-E5238AA8CA5F"
              },
              {
                "vulnerable": true,
                "criteria": "cpe:2.3:a:oracle:vm_virtualbox:7.2.2:*:*:*:*:*:*:*",
                "matchCriteriaId": "613B5554-B57C-4AF9-AC10-E96278C44FC4"
              }
            ]
          }
        ]
      }
    ],
    "references": [
      {
        "url": "https://www.oracle.com/security-alerts/cpuoct2025.html",
        "source": "[email protected]",
        "tags": ["Vendor Advisory"]
      }
    ]
  }
}