Oracle VirtualBox on macOS ARM: Two CVEs Enable VM Escape, Patched in October 2025 CPU

CyberSecureFox 🦊

Two vulnerabilities in Oracle VirtualBox, tracked as CVE-2025-62592 and CVE-2025-61760, can be chained to escape from a guest virtual machine to the host on macOS ARM. Reported by BI.ZONE, this is the first publicly known VM-escape chain targeting VirtualBox on macOS ARM since VirtualBox 7.1.0 (2024) introduced Apple Silicon support.

Technical breakdown: information leak to code execution

CVE-2025-62592 (CVSS 6.0) is an integer underflow in the QemuRamFB virtual graphics path, specifically in the MMIO read handler qemuFwCfgMmioRead. The bug causes an out-of-bounds read, leaking arbitrary memory from the VirtualBox process. In practice, this disclosure can reveal randomized base addresses of code and libraries, undermining ASLR (Address Space Layout Randomization). The issue affects VirtualBox on macOS ARM.

CVE-2025-61760 (CVSS 7.5) is a stack buffer overflow in virtioCoreR3VirtqInfo. When paired with address disclosures from CVE-2025-62592, attackers can achieve reliable arbitrary code execution in the host context. Despite modern mitigations like NX (No-eXecute) and stack canaries, exploitation remains feasible by corrupting other local variables or control structures in the target function.

Impact on macOS ARM hosts and realistic abuse scenarios

Chaining these flaws enables a VM escape from a compromised guest to the macOS host running on Apple Silicon (M1/M2/M3). An attacker who controls a guest OS can potentially execute code with the privileges of the VirtualBox hypervisor process, interact with other VMs, and access host hardware such as the camera and microphone. Host-level file access, process execution, and persistence are credible outcomes. Development workstations and test labs on Apple Silicon are at particular risk because a single “disposable” guest can become a bridgehead into the entire host.

Oracle’s fix: October 21, 2025 Critical Patch Update

Oracle addressed both vulnerabilities in the October 21, 2025 Critical Patch Update (CPU). Administrators should update VirtualBox immediately to the patched release included in this CPU. In enterprise settings, automate update deployment and continuously validate VirtualBox versions against security policy.

Why this class of bugs matters

Hypervisor escapes are uncommon but high impact because they break the core isolation model of virtualization. Similar categories of issues have historically surfaced in widely reported cases (e.g., the 2015 VENOM hypervisor vulnerability) and at competitive research events like Pwn2Own. The lesson is consistent: defense-in-depth matters. Even with ASLR, NX, and compiler hardening, chained vulnerabilities can degrade isolation between guest and host.

Mitigation guidance for VirtualBox on macOS ARM

– Isolate and restrict untrusted or semi-trusted guests, especially on Apple Silicon hosts.

– Run VirtualBox with the least privileges needed, ideally under a dedicated user with strict device access controls (camera, microphone, USB).

– Enforce network segmentation and separate VLANs/subnets for hypervisor hosts and guest networks.

– Enable monitoring for anomalous hypervisor and guest behavior (VirtualBox logs, privilege escalation attempts, atypical device interactions).

– Apply Zero Trust practices to external VM artifacts (VM images, ISOs, drivers, guest additions), and verify provenance.

Practical steps and references

Prioritize patching via Oracle’s October 2025 CPU, then validate that all Apple Silicon hosts and associated guest additions are current. Review exposure by inventorying hosts running VirtualBox 7.1.x on macOS ARM. For assurance, perform post-update testing with basic exploitation-resistance checks and audit host permissions. For context and authoritative detail, consult the Oracle Critical Patch Update advisories and the MITRE CVE entries for CVE-2025-62592 and CVE-2025-61760.
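One way to run the inventory step described above, as an added example that is not Oracle's or BI.ZONE's tooling. The host names, build suffixes and the MIN_FIXED default are constructed; the real minimum fixed version must be taken from Oracle's advisory, and the placeholder default is set high so every macOS ARM host is flagged until it is supplied.

```shell
#!/bin/sh
# Added example (not Oracle's or BI.ZONE's tooling). Flags macOS ARM hosts whose
# VirtualBox is older than a minimum fixed release supplied by the operator.
# MIN_FIXED is a PLACEHOLDER: take the real value from Oracle's October 2025 CPU
# advisory. The default is deliberately high so every host is flagged until set.
MIN_FIXED="${MIN_FIXED:-99.0.0}"

# ver_lt A B -> exit 0 if dotted version A is numerically lower than B.
ver_lt() {
    for i in 1 2 3; do
        x=$(printf '%s' "$1" | cut -d. -f"$i")
        y=$(printf '%s' "$2" | cut -d. -f"$i")
        if [ "${x:-0}" -lt "${y:-0}" ]; then return 0; fi
        if [ "${x:-0}" -gt "${y:-0}" ]; then return 1; fi
    done
    return 1
}

# classify_host OS ARCH RAW_VERSION MIN -> prints one status word.
# OS/ARCH are `uname -s` / `uname -m`; RAW_VERSION is `VBoxManage --version`
# output (version plus rNNN build suffix; "-" or empty if VirtualBox is absent).
classify_host() {
    ver=$(printf '%s' "$3" | sed 's/[^0-9.].*$//')   # drop the build suffix
    case "$ver" in
        "")                    echo "no-virtualbox"; return ;;
        [0-9]*.[0-9]*.[0-9]*)  ;;
        *)                     echo "unparsed"; return ;;
    esac
    if [ "$1" != "Darwin" ] || [ "$2" != "arm64" ]; then
        echo "not-macos-arm"; return
    fi
    if ver_lt "$ver" "$4"; then echo "needs-update"; else echo "ok"; fi
}

# audit_inventory MIN: reads "host os arch version" lines on stdin.
audit_inventory() {
    while read -r host os arch raw; do
        [ -n "$host" ] || continue
        printf '%s %s\n' "$host" "$(classify_host "$os" "$arch" "$raw" "$1")"
    done
}

# Constructed inventory (hypothetical host names, versions and build numbers).
SAMPLE_INVENTORY='dev-mac-01 Darwin arm64 7.1.4r100001
dev-mac-02 Darwin arm64 7.1.10r100002
ci-linux-01 Linux x86_64 7.1.4r100001
dev-mac-03 Darwin arm64 -'

printf '%s\n' "$SAMPLE_INVENTORY" | audit_inventory "$MIN_FIXED"
```

Collect the architecture from a native shell: under Rosetta, `uname -m` reports x86_64 on Apple Silicon and the host would be misclassified as not-macos-arm.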

Keeping hypervisors updated, minimizing privileges, and isolating critical developer endpoints significantly reduces the blast radius of any future escape-class defects. Treat untrusted workloads as adversarial, instrument the environment for early detection, and respond quickly to new VirtualBox advisories and researcher publications.
