CVE-2024-21248

CVSS 3.1 Score 5.3 of 10 (medium)

Details

Published Oct 15, 2024

Summary

CVE-2024-21248 is a vulnerability found in Oracle VM VirtualBox, specifically affecting versions prior to 7.0.22 and 7.1.2. It poses a medium severity risk with a CVSS score of 5.3, allowing low-privileged attackers with access to the infrastructure where VirtualBox operates to potentially exploit the system. Successful exploitation could lead to unauthorized data access and modifications, as well as the risk of causing partial denial of service (DoS) conditions within the application. Organizations are advised to upgrade their Oracle VM VirtualBox installations to at least version 7.0.22 or 7.1.2 to mitigate this vulnerability effectively. The attack vector is local, requiring minimal privileges and no user interaction, highlighting its ease of exploitation under certain conditions.
