CVE-2016-0167

ENISA EUVD: EUVD-2016-0205 ↗

Exploited in the Wild ✓ Confirmed 0-Day ★ Google Project Zero

Triaged: March 5, 2026 2 articles

VulnLookup ↗ NVD ↗ EUVD ↗ MITRE ↗ Advisory ↗ P0 Sheet ↗ CISA KEV ↗

EPSS Score

Source: FIRST.org · 2026-05-24

12.9%

probability

This CVE has a 12.9% probability of being exploited in the next 30 days.

0% Top 94.1th percentile of all CVEs 100%

CVSS v3.1

Source: NVD

7.8

Attack Vector

Local

Attack Complexity

Low

Privileges Required

None

User Interaction

Required

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Description

Project Zero

Use-after-free in win32k!xxxMNDestroyHandler

Affected Products

Google Project Zero

Discovered

March 8, 2016

Patched

April 12, 2016

Reported by

Dhanesh Kizhakkinan of FireEye, Inc.

Root Cause Analysis

???

Unpacking the CVEs in the FireEye Breach – Start Here First

Qualys Feb 01, 2021

Solorigate/Sunburst : Theft of Cybersecurity Tools | FireEye Breach

Qualys Dec 10, 2020

Signal Intelligence

Confidenceⓘ

95%

EPSS 12.9%

CVSS v3.1 7.8

Mentions 2

Last Seen Feb 01, 2021

CNA Information

Analyst Note

Auto-imported from Google Project Zero — confirmed zero-day by definition.

Threat Actors 1

Turla Group

apt_group Information theft and espionage Russian Federation

Triage Info

Decided atMar 05, 2026