How severe is CVE-2022-39425?

This vulnerability has a severity rating of HIGH with a CVSS score of 8.1 out of 10.

What type of vulnerability is CVE-2022-39425?

This is classified as CWE-306, which is a common weakness in software security.

CVE-2022-39425 - HIGH Severity | CVSS 8.1

Vulnerability Description

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.40. Difficult to exploit vulnerability allows unauthenticated attacker with network access via VRDP to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H).

Related Vulnerabilities

CVE-2017-12720

HIGH

CVSS:8.1(High)

An Improper Access Control issue was discovered in Smiths Medical Medfusion 4000 Wireless Syringe Infusion Pump, Version 1.1, 1.5, and 1.6. The FTP server on the pump does not require authentication i...

CWE-3062017

CVE-2017-3217

HIGH

CVSS:8.1(High)

CalAmp LMU 3030 series OBD-II CDMA and GSM devices has an SMS (text message) interface that can be deployed where no password is configured for this interface by the integrator / reseller. This interf...

CWE-3062017

CVE-2019-11061

HIGH

CVSS:8.1(High)

A broken access control vulnerability in HG100 firmware versions up to 4.00.06 allows an attacker in the same local area network to control IoT devices that connect with itself via http://[target]/sma...

CWE-3062019

CVE-2019-14984

HIGH

CVSS:8.1(High)

eQ-3 Homematic CCU2 and CCU3 with the XML-API through 1.2.0 AddOn installed allow Remote Code Execution by unauthenticated attackers with access to the web interface, because the undocumented addons/x...

CWE-3062019

CVE-2019-3411

HIGH

CVSS:8.1(High)

All versions up to BD_R218V2.4 of ZTE MF920 product are impacted by information leak vulnerability. Due to some interfaces can obtain the WebUI login password without login, an attacker can exploit th...

CWE-3062019

CVE-2019-6447

HIGH

CVSS:8.1(High)

The ES File Explorer File Manager application through 4.1.9.7.4 for Android allows remote attackers to read arbitrary files or execute applications via TCP port 59777 requests on the local Wi-Fi netwo...

CWE-3062019