Details of VAR-202208-1390

ID

VAR-202208-1390

CVE

CVE-2022-25841

TITLE

Intel's Android for datacenter group event Vulnerability regarding uncontrolled search path elements in

Trust: 0.8

sources: JVNDB: JVNDB-2022-015183

DESCRIPTION

Uncontrolled search path elements in the Intel(R) Datacenter Group Event Android application, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access. (DoS) It may be in a state. Intel Datacenter Group Event is a data center group event consulting software developed by Intel Corporation. Attackers exploit this vulnerability to escalate privileges

Trust: 1.71

sources: NVD: CVE-2022-25841 // JVNDB: JVNDB-2022-015183 // VULHUB: VHN-418251

AFFECTED PRODUCTS

vendor:	intel	model:	datacenter group event	scope:	eq	version:	*	Trust: 1.0
vendor:	インテル	model:	datacenter group event	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	datacenter group event	scope:	eq	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2022-015183 // NVD: CVE-2022-25841

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-25841
value:	HIGH
Trust: 1.0
134c704f-9b21-4f2e-91b3-4a467353bcc0:	CVE-2022-25841
value:	HIGH
Trust: 1.0
NVD:	CVE-2022-25841
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-202208-3404
value:	HIGH
Trust: 0.6

nvd@nist.gov:	CVE-2022-25841
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 2.0
NVD:	CVE-2022-25841
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2022-015183 // CNNVD: CNNVD-202208-3404 // NVD: CVE-2022-25841 // NVD: CVE-2022-25841

PROBLEMTYPE DATA

problemtype:	CWE-427	Trust: 1.1
problemtype:	Uncontrolled search path elements (CWE-427) [NVD evaluation ]	Trust: 0.8

sources: VULHUB: VHN-418251 // JVNDB: JVNDB-2022-015183 // NVD: CVE-2022-25841

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202208-3404

TYPE

code problem

Trust: 0.6

sources: CNNVD: CNNVD-202208-3404

PATCH

title:

Intel Datacenter Group Event Fixes for code issue vulnerabilities

url:

http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=205212

Trust: 0.6

sources: CNNVD: CNNVD-202208-3404

EXTERNAL IDS

db:	NVD	id:	CVE-2022-25841	Trust: 3.3
db:	JVN	id:	JVNVU99494206	Trust: 0.8
db:	JVNDB	id:	JVNDB-2022-015183	Trust: 0.8
db:	CNNVD	id:	CNNVD-202208-3404	Trust: 0.7
db:	VULHUB	id:	VHN-418251	Trust: 0.1

sources: VULHUB: VHN-418251 // JVNDB: JVNDB-2022-015183 // CNNVD: CNNVD-202208-3404 // NVD: CVE-2022-25841

REFERENCES

url:	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00678.html	Trust: 2.5
url:	https://jvn.jp/vu/jvnvu99494206/	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2022-25841	Trust: 0.8
url:	https://cxsecurity.com/cveshow/cve-2022-25841/	Trust: 0.6

sources: VULHUB: VHN-418251 // JVNDB: JVNDB-2022-015183 // CNNVD: CNNVD-202208-3404 // NVD: CVE-2022-25841

SOURCES

db:	VULHUB	id:	VHN-418251
db:	JVNDB	id:	JVNDB-2022-015183
db:	CNNVD	id:	CNNVD-202208-3404
db:	NVD	id:	CVE-2022-25841

LAST UPDATE DATE

2025-05-07T22:49:09.217000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-418251	date:	2022-08-22T00:00:00
db:	JVNDB	id:	JVNDB-2022-015183	date:	2023-09-25T08:45:00
db:	CNNVD	id:	CNNVD-202208-3404	date:	2022-08-23T00:00:00
db:	NVD	id:	CVE-2022-25841	date:	2025-05-05T17:18:02.047

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-418251	date:	2022-08-18T00:00:00
db:	JVNDB	id:	JVNDB-2022-015183	date:	2023-09-25T00:00:00
db:	CNNVD	id:	CNNVD-202208-3404	date:	2022-08-18T00:00:00
db:	NVD	id:	CVE-2022-25841	date:	2022-08-18T20:15:10.693