Details of VAR-202208-1071

ID

VAR-202208-1071

CVE

CVE-2022-21812

TITLE

Intel's Intel Hardware Accelerated Execution Manager Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-015198

DESCRIPTION

Improper access control in the Intel(R) HAXM software before version 7.7.1 may allow an authenticated user to potentially enable escalation of privilege via local access. Intel's Intel Hardware Accelerated Execution Manager Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 1.71

sources: NVD: CVE-2022-21812 // JVNDB: JVNDB-2022-015198 // VULHUB: VHN-408094

AFFECTED PRODUCTS

vendor:	intel	model:	hardware accelerated execution manager	scope:	lt	version:	7.7.1	Trust: 1.0
vendor:	インテル	model:	intel hardware accelerated execution manager	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	intel hardware accelerated execution manager	scope:	eq	version:	-	Trust: 0.8
vendor:	インテル	model:	intel hardware accelerated execution manager	scope:	eq	version:	7.7.1	Trust: 0.8

sources: JVNDB: JVNDB-2022-015198 // NVD: CVE-2022-21812

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-21812
value:	HIGH
Trust: 1.0
134c704f-9b21-4f2e-91b3-4a467353bcc0:	CVE-2022-21812
value:	HIGH
Trust: 1.0
NVD:	CVE-2022-21812
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-202208-2667
value:	HIGH
Trust: 0.6

nvd@nist.gov:	CVE-2022-21812
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 2.0
NVD:	CVE-2022-21812
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2022-015198 // CNNVD: CNNVD-202208-2667 // NVD: CVE-2022-21812 // NVD: CVE-2022-21812

PROBLEMTYPE DATA

problemtype:	NVD-CWE-Other	Trust: 1.0
problemtype:	others (CWE-Other) [NVD evaluation ]	Trust: 0.8
problemtype:	CWE-863	Trust: 0.1

sources: VULHUB: VHN-408094 // JVNDB: JVNDB-2022-015198 // NVD: CVE-2022-21812

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202208-2667

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202208-2667

PATCH

title:

Intel HAXM Security vulnerabilities

url:

http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=204873

Trust: 0.6

sources: CNNVD: CNNVD-202208-2667

EXTERNAL IDS

db:	NVD	id:	CVE-2022-21812	Trust: 3.3
db:	JVN	id:	JVNVU99494206	Trust: 0.8
db:	JVNDB	id:	JVNDB-2022-015198	Trust: 0.8
db:	AUSCERT	id:	ESB-2022.3950	Trust: 0.6
db:	CNNVD	id:	CNNVD-202208-2667	Trust: 0.6
db:	VULHUB	id:	VHN-408094	Trust: 0.1

sources: VULHUB: VHN-408094 // JVNDB: JVNDB-2022-015198 // CNNVD: CNNVD-202208-2667 // NVD: CVE-2022-21812

REFERENCES

url:	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00655.html	Trust: 2.5
url:	https://jvn.jp/vu/jvnvu99494206/	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2022-21812	Trust: 0.8
url:	https://cxsecurity.com/cveshow/cve-2022-21812/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2022.3950	Trust: 0.6

sources: VULHUB: VHN-408094 // JVNDB: JVNDB-2022-015198 // CNNVD: CNNVD-202208-2667 // NVD: CVE-2022-21812

SOURCES

db:	VULHUB	id:	VHN-408094
db:	JVNDB	id:	JVNDB-2022-015198
db:	CNNVD	id:	CNNVD-202208-2667
db:	NVD	id:	CVE-2022-21812

LAST UPDATE DATE

2025-05-07T22:32:40.542000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-408094	date:	2022-08-19T00:00:00
db:	JVNDB	id:	JVNDB-2022-015198	date:	2023-09-25T08:46:00
db:	CNNVD	id:	CNNVD-202208-2667	date:	2022-08-22T00:00:00
db:	NVD	id:	CVE-2022-21812	date:	2025-05-05T17:17:51.827

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-408094	date:	2022-08-18T00:00:00
db:	JVNDB	id:	JVNDB-2022-015198	date:	2023-09-25T00:00:00
db:	CNNVD	id:	CNNVD-202208-2667	date:	2022-08-10T00:00:00
db:	NVD	id:	CVE-2022-21812	date:	2022-08-18T20:15:10.427