CVE-2021-2119

MEDIUM

Oracle VM VirtualBox <6.1.18 - Privilege Escalation

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2021-2119. PoCs published by Sauercloud, shi10587s.

AI-analyzed exploit summary This repository contains a functional exploit for CVE-2021-2119, a VirtualBox 6.1 escape vulnerability. The exploit includes kernel drivers and userspace components to achieve privilege escalation and escape from a VirtualBox guest to the host.

Description

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.18. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N).

Exploits (2)

nomisec WORKING POC 145 stars
by Sauercloud · poc
https://github.com/Sauercloud/RWCTF21-VirtualBox-61-escape

This repository contains a functional exploit for CVE-2021-2119, a VirtualBox 6.1 escape vulnerability. The exploit includes kernel drivers and userspace components to achieve privilege escalation and escape from a VirtualBox guest to the host.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Complex
Reliability
Reliable
Target: VirtualBox 6.1
No auth needed
Prerequisites: VirtualBox 6.1 with SCSI enabled · Guest OS access
mistral-large-3 · analyzed Feb 18, 2026 Full analysis →
nomisec STUB
by shi10587s · poc
https://github.com/shi10587s/Sauercloude

The repository contains only a README file with minimal information about a VirtualBox escape vulnerability (CVE-2021-2119) but no actual exploit code or technical details.

Classification
Stub 90%
Attack Type
Other
Complexity
Theoretical
Reliability
Theoretical
Target: VirtualBox 6.1.2
No auth needed
mistral-large-3 · analyzed Feb 18, 2026 Full analysis →

References (3)

Core 3
Core References
Third Party Advisory vendor-advisory x_refsource_gentoo
https://security.gentoo.org/glsa/202101-15
Third Party Advisory vendor-advisory x_refsource_gentoo
https://security.gentoo.org/glsa/202104-08

Scores

CVSS v3 6.0
EPSS 0.0100
EPSS Percentile 58.7%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

Status published
Products (1)
oracle/vm_virtualbox < 6.1.18
Published Jan 20, 2021
Tracked Since Feb 18, 2026