CVE-2024-21111 PoC — Oracle Virtualization 安全漏洞

Title:Oracle Virtualization 安全漏洞 (CVE-2024-21111)
Description:Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. Note: This vulnerability applies to Windows hosts only. CVSS 3.1 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

Prebuilt binaries for Privilege Escalation in Oracle VM Virtual box prior to 7.0.16

These binaries were built from source using mansk1es code.
https://github.com/mansk1es/CVE-2024-21111

Prebuilt binaries for Privilege Escalation in Oracle VM Virtual box prior to 7.0.16

 [4.0K]  /data/pocs/87e781921c12449987f240b2d9f6d6d6ced84a6b
├── [ 187]  README.md
├── [900K]  VirtualBoxLPE_del.exe
└── [154K]  VirtualBoxLPE_move.exe

0 directories, 3 files