What is CVE-2016-5330?

CVE-2016-5330 is a high-severity vulnerability in Apple Mac_os_x, classified under Untrusted Search Path. CVSS score: 7.8/10. Published 2016-08-08.

How severe is CVE-2016-5330?

High severity. CVSS v3 base score is 7.8 out of 10.

Is CVE-2016-5330 known to be exploited?

3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Apple Mac_os_x

CVE-2016-5330

Untrusted search path vulnerability in the HGFS (aka Shared Folders) feature in VMware Tools 10.0.5 in VMware ESXi 5.0 through 6.0, VMware Workstation Pro 12.1.x before 12.1.1, VMware Workstation Player 12.1.x before 12.1.1, and VMware Fus…

EPSS: 0.229 (96.0th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.8 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H.

Affected products

Weakness classification (CWE)

CWE-426 — Untrusted Search Path

Public proof-of-concept exploits

References

1036544 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_SECTRACK)
1036619 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_SECTRACK)
92323 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_BID)
cve@mitre.org (x_refsource_CONFIRM, Mitigation, Vendor Advisory)
20160805 DLL side loading vulnerability in VMware Host Guest Client Redirector (mailing-list, x_refsource_BUGTRAQ, Third Party Advisory, VDB Entry)
1036545 (Third Party Advisory, VDB Entry, vdb-entry, x_refsource_SECTRACK)
cve@mitre.org (Exploit, Third Party Advisory, x_refsource_MISC)
cve@mitre.org (Third Party Advisory, x_refsource_MISC)

Frequently asked questions

What is CVE-2016-5330?: CVE-2016-5330 is a high-severity vulnerability in Apple Mac_os_x, classified under Untrusted Search Path. CVSS score: 7.8/10. Published 2016-08-08.
How severe is CVE-2016-5330?: High severity. CVSS v3 base score is 7.8 out of 10.
Is CVE-2016-5330 known to be exploited?: 3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.