EIP-2026-116505

PRE-CVE

VMware 5.5.1 - COM Object Arbitrary Partition Table Delete

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-116505. PoCs published by nop.

AI-analyzed exploit summary This exploit leverages an unsafe ActiveX control in VMware 5.5.1 to arbitrarily delete partition tables on Windows systems. The PoC uses the Vie2Locator Class COM object to connect to disks and reset their layouts, effectively wiping partition tables.

Description

VMware 5.5.1 - COM Object Arbitrary Partition Table Delete

Exploits (1)

exploitdb WORKING POC VERIFIED

by nop · htmldoswindows

https://www.exploit-db.com/exploits/2195

View Code ZIP pw:eip

This exploit leverages an unsafe ActiveX control in VMware 5.5.1 to arbitrarily delete partition tables on Windows systems. The PoC uses the Vie2Locator Class COM object to connect to disks and reset their layouts, effectively wiping partition tables.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Trivial

Reliability

Reliable

Target: VMware 5.5.1 build-19175

No auth needed

Prerequisites: VMware 5.5.1 installed on Windows · Unsafe ActiveX controls enabled in browser · User interaction to open malicious HTML file

MITRE ATT&CK

T1221 - Template Injection T1189 - Drive-by Compromise

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026