CVE-2016-7086
UnknownEPSS 0.34%
Last modified
CVE-2016-7086 is a vulnerability of currently unknown severity. The installer in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows allows local users to gain privileges via a Trojan horse setup64.exe file in the installation directory.. EPSS estimates a 0.34% chance of exploitation in the next 30 days.
Description
The installer in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows allows local users to gain privileges via a Trojan horse setup64.exe file in the installation directory.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Vmware | Workstation Player | 12.0.0 |
| Vmware | Workstation Player | 12.0.1 |
| Vmware | Workstation Player | 12.1.0 |
| Vmware | Workstation Player | 12.1.1 |
| Vmware | Workstation Pro | 12.0.0 |
| Vmware | Workstation Pro | 12.0.1 |
| Vmware | Workstation Pro | 12.1.0 |
| Vmware | Workstation Pro | 12.1.1 |
References
- http://www.securityfocus.com/bid/92941Third Party Advisory, VDB Entry
- http://www.securityfocus.com/bid/92941Third Party Advisory, VDB Entry
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2016-7086?
The installer in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows allows local users to gain privileges via a Trojan horse setup64.exe file in the installation directory.
How severe is CVE-2016-7086?
Severity scoring for CVE-2016-7086 is pending analysis. The EPSS model estimates a 0.34% probability of exploitation in the next 30 days.
How do I fix CVE-2016-7086?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.
Are you affected by CVE-2016-7086?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST