Question 1

What is CVE-2016-5330?

Accepted Answer

CVE-2016-5330 is a high-severity software vulnerability (Untrusted search path) with a CVSS score of 7.8. Untrusted search path vulnerability in the HGFS (aka Shared Folders) feature in VMware Tools 10.0.5 in VMware ESXi 5.0 through 6.0, VMware Workstation Pro 12.1.x before 12.1.1, VMware Workstation Player 12.1.x before 12.1.1, and VMware Fusi

Question 2

Is CVE-2016-5330 being actively exploited?

Accepted Answer

It is not currently in CISA's KEV catalog. Its EPSS exploitation probability is 18%.

Question 3

What products does CVE-2016-5330 affect?

Accepted Answer

Tracked products affected include VMware ESXi, Tools. Check the version you run to see whether it is affected.

Question 4

How do I fix CVE-2016-5330?

Accepted Answer

Apply the vendor fix promptly. Upgrade affected products to a fixed version.

CVE-2016-5330

Summary

Impact & exploitability

Affected products we track (2)

Recommendation

Additional information