Its behind at least 2 NATs with no inbound port forwarding, and the host firewall!
The NAT between the VM and the Win10 host, the Win10 host firewall,and NAT between the host and the outside world.
It would need to be a very specific attack to reach the VM,
It would need to break through the corporate firewalls and NAT;
Even from a compromised internal PC, it would then need to compromise the host system's Win10 firewall;
and then compromise the VirtualBox virtual NAT.
Not saying it can't be done, but I'm not sweating it for a VM that's spun up for a couple of hours every 10 years!
It's buried beneath so many layers of much more recent protection.
(Im not sure if I could disable the LAN connection on the VM or if that would also kill access to the VM, but I think I could. Its not an RDP session.)