Details of VAR-202208-0926

ID

VAR-202208-0926

CVE

CVE-2022-27500

TITLE

Intel's Android for support Vulnerability regarding improper default permissions in

Trust: 0.8

sources: JVNDB: JVNDB-2022-015171

DESCRIPTION

Incorrect default permissions for the Intel(R) Support Android application before 21.07.40 may allow an authenticated user to potentially enable information disclosure via local access. Intel's Android for support There is a vulnerability in improper default permissions.Information may be obtained

Trust: 1.71

sources: NVD: CVE-2022-27500 // JVNDB: JVNDB-2022-015171 // VULHUB: VHN-418262

AFFECTED PRODUCTS

vendor:	intel	model:	support	scope:	lt	version:	21.7.40	Trust: 1.0
vendor:	インテル	model:	support	scope:	eq	version:	-	Trust: 0.8
vendor:	インテル	model:	support	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	support	scope:	eq	version:	21.7.40	Trust: 0.8

sources: JVNDB: JVNDB-2022-015171 // NVD: CVE-2022-27500

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-27500
value:	MEDIUM
Trust: 1.0
134c704f-9b21-4f2e-91b3-4a467353bcc0:	CVE-2022-27500
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2022-27500
value:	MEDIUM
Trust: 0.8
CNNVD:	CNNVD-202208-2674
value:	MEDIUM
Trust: 0.6

nvd@nist.gov:	CVE-2022-27500
baseSeverity:	MEDIUM
baseScore:	5.5
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	1.8
impactScore:	3.6
version:	3.1
Trust: 2.0
NVD:	CVE-2022-27500
baseSeverity:	MEDIUM
baseScore:	5.5
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	NONE
availabilityImpact:	NONE
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2022-015171 // CNNVD: CNNVD-202208-2674 // NVD: CVE-2022-27500 // NVD: CVE-2022-27500

PROBLEMTYPE DATA

problemtype:	CWE-276	Trust: 1.1
problemtype:	Inappropriate default permissions (CWE-276) [NVD evaluation ]	Trust: 0.8

sources: VULHUB: VHN-418262 // JVNDB: JVNDB-2022-015171 // NVD: CVE-2022-27500

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202208-2674

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202208-2674

PATCH

title:

Intel Support Android Security vulnerabilities

url:

http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=204879

Trust: 0.6

sources: CNNVD: CNNVD-202208-2674

EXTERNAL IDS

db:	NVD	id:	CVE-2022-27500	Trust: 3.3
db:	JVN	id:	JVNVU99494206	Trust: 0.8
db:	JVNDB	id:	JVNDB-2022-015171	Trust: 0.8
db:	AUSCERT	id:	ESB-2022.3958	Trust: 0.6
db:	CNNVD	id:	CNNVD-202208-2674	Trust: 0.6
db:	VULHUB	id:	VHN-418262	Trust: 0.1

sources: VULHUB: VHN-418262 // JVNDB: JVNDB-2022-015171 // CNNVD: CNNVD-202208-2674 // NVD: CVE-2022-27500

REFERENCES

url:	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00660.html	Trust: 2.5
url:	https://jvn.jp/vu/jvnvu99494206/	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2022-27500	Trust: 0.8
url:	https://www.auscert.org.au/bulletins/esb-2022.3958	Trust: 0.6
url:	https://cxsecurity.com/cveshow/cve-2022-27500/	Trust: 0.6

sources: VULHUB: VHN-418262 // JVNDB: JVNDB-2022-015171 // CNNVD: CNNVD-202208-2674 // NVD: CVE-2022-27500

SOURCES

db:	VULHUB	id:	VHN-418262
db:	JVNDB	id:	JVNDB-2022-015171
db:	CNNVD	id:	CNNVD-202208-2674
db:	NVD	id:	CVE-2022-27500

LAST UPDATE DATE

2025-05-07T20:45:08.283000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-418262	date:	2022-08-22T00:00:00
db:	JVNDB	id:	JVNDB-2022-015171	date:	2023-09-25T08:45:00
db:	CNNVD	id:	CNNVD-202208-2674	date:	2022-08-23T00:00:00
db:	NVD	id:	CVE-2022-27500	date:	2025-05-05T17:18:05.260

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-418262	date:	2022-08-18T00:00:00
db:	JVNDB	id:	JVNDB-2022-015171	date:	2023-09-25T00:00:00
db:	CNNVD	id:	CNNVD-202208-2674	date:	2022-08-10T00:00:00
db:	NVD	id:	CVE-2022-27500	date:	2022-08-18T20:15:11.127