Sign-up

ID

VAR-202208-0822


CVE

CVE-2022-26344


TITLE

Intel's  single event api  Vulnerability regarding improper default permissions in

Trust: 0.8

sources: JVNDB: JVNDB-2022-015175

DESCRIPTION

Incorrect default permissions in the installation binaries for Intel(R) SEAPI all versions may allow an authenticated user to potentially enable escalation of privilege via local access. Intel's single event api There is a vulnerability in improper default permissions.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 1.8

sources: NVD: CVE-2022-26344 // JVNDB: JVNDB-2022-015175 // VULHUB: VHN-419836 // VULMON: CVE-2022-26344

AFFECTED PRODUCTS

vendor:intelmodel:single event apiscope:eqversion:*

Trust: 1.0

vendor:インテルmodel:single event apiscope:eqversion: -

Trust: 0.8

vendor:インテルmodel:single event apiscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-015175 // NVD: CVE-2022-26344

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-26344
value: HIGH

Trust: 1.0

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2022-26344
value: HIGH

Trust: 1.0

NVD: CVE-2022-26344
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202208-2706
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2022-26344
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 2.0

NVD: CVE-2022-26344
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2022-015175 // CNNVD: CNNVD-202208-2706 // NVD: CVE-2022-26344 // NVD: CVE-2022-26344

PROBLEMTYPE DATA

problemtype:CWE-276

Trust: 1.1

problemtype:Inappropriate default permissions (CWE-276) [NVD evaluation ]

Trust: 0.8

sources: VULHUB: VHN-419836 // JVNDB: JVNDB-2022-015175 // NVD: CVE-2022-26344

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202208-2706

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202208-2706

PATCH

title:Intel Single Event API Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=205191

Trust: 0.6

sources: CNNVD: CNNVD-202208-2706

EXTERNAL IDS

db:NVDid:CVE-2022-26344

Trust: 3.4

db:JVNid:JVNVU99494206

Trust: 0.8

db:JVNDBid:JVNDB-2022-015175

Trust: 0.8

db:AUSCERTid:ESB-2022.3957

Trust: 0.6

db:CNNVDid:CNNVD-202208-2706

Trust: 0.6

db:VULHUBid:VHN-419836

Trust: 0.1

db:VULMONid:CVE-2022-26344

Trust: 0.1

sources: VULHUB: VHN-419836 // VULMON: CVE-2022-26344 // JVNDB: JVNDB-2022-015175 // CNNVD: CNNVD-202208-2706 // NVD: CVE-2022-26344

REFERENCES

url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00701.html

Trust: 2.6

url:https://jvn.jp/vu/jvnvu99494206/

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2022-26344

Trust: 0.8

url:https://www.auscert.org.au/bulletins/esb-2022.3957

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2022-26344/

Trust: 0.6

url:https://nvd.nist.gov

Trust: 0.1

sources: VULHUB: VHN-419836 // VULMON: CVE-2022-26344 // JVNDB: JVNDB-2022-015175 // CNNVD: CNNVD-202208-2706 // NVD: CVE-2022-26344

SOURCES

db:VULHUBid:VHN-419836
db:VULMONid:CVE-2022-26344
db:JVNDBid:JVNDB-2022-015175
db:CNNVDid:CNNVD-202208-2706
db:NVDid:CVE-2022-26344

LAST UPDATE DATE

2025-02-27T00:56:29.511000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-419836date:2022-08-22T00:00:00
db:VULMONid:CVE-2022-26344date:2022-08-19T00:00:00
db:JVNDBid:JVNDB-2022-015175date:2023-09-25T08:45:00
db:CNNVDid:CNNVD-202208-2706date:2022-08-23T00:00:00
db:NVDid:CVE-2022-26344date:2025-02-25T17:15:10.987

SOURCES RELEASE DATE

db:VULHUBid:VHN-419836date:2022-08-18T00:00:00
db:VULMONid:CVE-2022-26344date:2022-08-18T00:00:00
db:JVNDBid:JVNDB-2022-015175date:2023-09-25T00:00:00
db:CNNVDid:CNNVD-202208-2706date:2022-08-10T00:00:00
db:NVDid:CVE-2022-26344date:2022-08-18T20:15:10.957