How severe is CVE-2025-21533?

This vulnerability has a severity rating of MEDIUM with a CVSS score of 5.5 out of 10.

What type of vulnerability is CVE-2025-21533?

This is classified as CWE-863, which is a common weakness in software security.

CVE-2025-21533

MEDIUM Year: 2025

CVSS v3 Score

5.5

Medium

Weakness Type

CWE-863

View all →

Vulnerability Description

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.24 and prior to 7.1.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 5.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).

CVE-2017-8216

MEDIUM

CVSS:5.5(Medium)

Warsaw Huawei Smart phones with software of versions earlier than Warsaw-AL00C00B180, versions earlier than Warsaw-TL10C01B180 have a permission control vulnerability. Due to improper authorization on...

CWE-8632017

CVE-2018-11142

MEDIUM

CVSS:5.5(Medium)

The 'systemui/settings_network.php' and 'systemui/settings_patching.php' scripts in the Quest KACE System Management Appliance 8.0.318 are accessible only from localhost. This restriction can be bypas...

CWE-8632018

CVE-2018-16597

MEDIUM

CVSS:5.5(Medium)

An issue was discovered in the Linux kernel before 4.8. Incorrect access checking in overlayfs mounts could be used by local attackers to modify or truncate files in the underlying filesystem.

CWE-8632018

CVE-2018-18397

MEDIUM

CVSS:5.5(Medium)

The userfaultfd implementation in the Linux kernel before 4.19.7 mishandles access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs ...

CWE-8632018

CVE-2019-1289

MEDIUM

CVSS:5.5(Medium)

An elevation of privilege vulnerability exists when the Windows Update Delivery Optimization does not properly enforce file share permissions, aka 'Windows Update Delivery Optimization Elevation of Pr...

CWE-8632019

CVE-2019-9272

MEDIUM

CVSS:5.5(Medium)

In WiFi, there is a possible leak of WiFi state due to a permissions bypass. This could lead to a local information disclosure which could be used to determine device location with no additional execu...

CWE-8632019

CVE-2025-21533

Vulnerability Description

Related Vulnerabilities

CVE-2017-8216

CVE-2018-11142

CVE-2018-16597

CVE-2018-18397

CVE-2019-1289

CVE-2019-9272