Details of VAR-202208-1418

ID

VAR-202208-1418

CVE

CVE-2022-26017

TITLE

Intel's Intel Driver and Support Assistant Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-015177

DESCRIPTION

Improper access control in the Intel(R) DSA software for before version 22.2.14 may allow an authenticated user to potentially enable escalation of privilege via adjacent access. Intel's Intel Driver and Support Assistant Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state. Intel DSA is a driver update tool. It can detect the user driver program, update the installed driver to the latest version, support intel series graphics card, audio, network card and chipset drivers, a must for i card users. Attackers exploit this vulnerability to escalate privileges

Trust: 1.71

sources: NVD: CVE-2022-26017 // JVNDB: JVNDB-2022-015177 // VULHUB: VHN-418252

AFFECTED PRODUCTS

vendor:	intel	model:	driver \& support assistant	scope:	lt	version:	22.2.14	Trust: 1.0
vendor:	インテル	model:	intel driver and support assistant	scope:	eq	version:	22.2.14	Trust: 0.8
vendor:	インテル	model:	intel driver and support assistant	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	intel driver and support assistant	scope:	eq	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2022-015177 // NVD: CVE-2022-26017

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-26017
value:	HIGH
Trust: 1.0
134c704f-9b21-4f2e-91b3-4a467353bcc0:	CVE-2022-26017
value:	HIGH
Trust: 1.0
NVD:	CVE-2022-26017
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-202208-3402
value:	HIGH
Trust: 0.6

nvd@nist.gov:	CVE-2022-26017
baseSeverity:	HIGH
baseScore:	8.0
vectorString:	CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	ADJACENT
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	2.1
impactScore:	5.9
version:	3.1
Trust: 2.0
NVD:	CVE-2022-26017
baseSeverity:	HIGH
baseScore:	8.0
vectorString:	CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	ADJACENT NETWORK
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2022-015177 // CNNVD: CNNVD-202208-3402 // NVD: CVE-2022-26017 // NVD: CVE-2022-26017

PROBLEMTYPE DATA

problemtype:	NVD-CWE-Other	Trust: 1.0
problemtype:	others (CWE-Other) [NVD evaluation ]	Trust: 0.8
problemtype:	CWE-863	Trust: 0.1

sources: VULHUB: VHN-418252 // JVNDB: JVNDB-2022-015177 // NVD: CVE-2022-26017

THREAT TYPE

remote or local

Trust: 0.6

sources: CNNVD: CNNVD-202208-3402

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202208-3402

PATCH

title:

Intel DSA Security vulnerabilities

url:

http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=205211

Trust: 0.6

sources: CNNVD: CNNVD-202208-3402

EXTERNAL IDS

db:	NVD	id:	CVE-2022-26017	Trust: 3.3
db:	JVN	id:	JVNVU99494206	Trust: 0.8
db:	JVNDB	id:	JVNDB-2022-015177	Trust: 0.8
db:	CNNVD	id:	CNNVD-202208-3402	Trust: 0.7
db:	VULHUB	id:	VHN-418252	Trust: 0.1

sources: VULHUB: VHN-418252 // JVNDB: JVNDB-2022-015177 // CNNVD: CNNVD-202208-3402 // NVD: CVE-2022-26017

REFERENCES

url:	https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00679.html	Trust: 2.5
url:	https://jvn.jp/vu/jvnvu99494206/	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2022-26017	Trust: 0.8
url:	https://cxsecurity.com/cveshow/cve-2022-26017/	Trust: 0.6

sources: VULHUB: VHN-418252 // JVNDB: JVNDB-2022-015177 // CNNVD: CNNVD-202208-3402 // NVD: CVE-2022-26017

SOURCES

db:	VULHUB	id:	VHN-418252
db:	JVNDB	id:	JVNDB-2022-015177
db:	CNNVD	id:	CNNVD-202208-3402
db:	NVD	id:	CVE-2022-26017

LAST UPDATE DATE

2025-05-07T22:14:15.610000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-418252	date:	2022-08-22T00:00:00
db:	JVNDB	id:	JVNDB-2022-015177	date:	2023-09-25T08:45:00
db:	CNNVD	id:	CNNVD-202208-3402	date:	2022-08-29T00:00:00
db:	NVD	id:	CVE-2022-26017	date:	2025-05-05T17:18:02.667

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-418252	date:	2022-08-18T00:00:00
db:	JVNDB	id:	JVNDB-2022-015177	date:	2023-09-25T00:00:00
db:	CNNVD	id:	CNNVD-202208-3402	date:	2022-08-18T00:00:00
db:	NVD	id:	CVE-2022-26017	date:	2022-08-18T20:15:10.867