ZDI-24-409 -
Low
This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. In addition, some user interaction is required on the part of a user on the host. The ZDI has assigned a CVSS rating of 7.3. The following CVEs are assigned: CVE-2024-21110.