Sign-up

ID

VAR-202211-0784


CVE

CVE-2022-26086


TITLE

Intel's  gametechdev presentmon  Vulnerability regarding uncontrolled search path elements in

Trust: 0.8

sources: JVNDB: JVNDB-2022-021009

DESCRIPTION

Uncontrolled search path element in the PresentMon software maintained by Intel(R) before version 1.7.1 may allow an authenticated user to potentially enable escalation of privilege via local access. Intel's gametechdev presentmon Exists in a vulnerability in an element of an uncontrolled search path.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 1.71

sources: NVD: CVE-2022-26086 // JVNDB: JVNDB-2022-021009 // VULHUB: VHN-416852

AFFECTED PRODUCTS

vendor:intelmodel:gametechdev presentmonscope:ltversion:1.7.1

Trust: 1.0

vendor:インテルmodel:gametechdev presentmonscope: - version: -

Trust: 0.8

vendor:インテルmodel:gametechdev presentmonscope:eqversion: -

Trust: 0.8

vendor:インテルmodel:gametechdev presentmonscope:eqversion:1.7.1

Trust: 0.8

sources: JVNDB: JVNDB-2022-021009 // NVD: CVE-2022-26086

CVSS

SEVERITY

CVSSV2

CVSSV3

secure@intel.com: CVE-2022-26086
value: MEDIUM

Trust: 1.0

nvd@nist.gov: CVE-2022-26086
value: HIGH

Trust: 1.0

NVD: CVE-2022-26086
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202211-2625
value: HIGH

Trust: 0.6

secure@intel.com: CVE-2022-26086
baseSeverity: MEDIUM
baseScore: 6.7
vectorString: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: HIGH
privilegesRequired: LOW
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 0.8
impactScore: 5.9
version: 3.1

Trust: 1.0

nvd@nist.gov: CVE-2022-26086
baseSeverity: HIGH
baseScore: 7.3
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.3
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2022-26086
baseSeverity: HIGH
baseScore: 7.3
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: REQUIRED
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2022-021009 // CNNVD: CNNVD-202211-2625 // NVD: CVE-2022-26086 // NVD: CVE-2022-26086

PROBLEMTYPE DATA

problemtype:CWE-427

Trust: 1.1

problemtype:Uncontrolled search path elements (CWE-427) [NVD evaluation ]

Trust: 0.8

sources: VULHUB: VHN-416852 // JVNDB: JVNDB-2022-021009 // NVD: CVE-2022-26086

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202211-2625

TYPE

code problem

Trust: 0.6

sources: CNNVD: CNNVD-202211-2625

PATCH

title:Intel PresentMon Fixes for code issue vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=214670

Trust: 0.6

sources: CNNVD: CNNVD-202211-2625

EXTERNAL IDS

db:NVDid:CVE-2022-26086

Trust: 3.3

db:JVNid:JVNVU94499505

Trust: 0.8

db:JVNDBid:JVNDB-2022-021009

Trust: 0.8

db:AUSCERTid:ESB-2022.5844

Trust: 0.6

db:CNNVDid:CNNVD-202211-2625

Trust: 0.6

db:VULHUBid:VHN-416852

Trust: 0.1

sources: VULHUB: VHN-416852 // JVNDB: JVNDB-2022-021009 // CNNVD: CNNVD-202211-2625 // NVD: CVE-2022-26086

REFERENCES

url:https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00711.html

Trust: 2.5

url:https://jvn.jp/vu/jvnvu94499505/

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2022-26086

Trust: 0.8

url:https://cxsecurity.com/cveshow/cve-2022-26086/

Trust: 0.6

url:https://www.auscert.org.au/bulletins/esb-2022.5844

Trust: 0.6

sources: VULHUB: VHN-416852 // JVNDB: JVNDB-2022-021009 // CNNVD: CNNVD-202211-2625 // NVD: CVE-2022-26086

SOURCES

db:VULHUBid:VHN-416852
db:JVNDBid:JVNDB-2022-021009
db:CNNVDid:CNNVD-202211-2625
db:NVDid:CVE-2022-26086

LAST UPDATE DATE

2025-02-06T19:44:14.285000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-416852date:2022-11-17T00:00:00
db:JVNDBid:JVNDB-2022-021009date:2023-11-07T08:19:00
db:CNNVDid:CNNVD-202211-2625date:2022-11-18T00:00:00
db:NVDid:CVE-2022-26086date:2025-02-05T21:15:14.867

SOURCES RELEASE DATE

db:VULHUBid:VHN-416852date:2022-11-11T00:00:00
db:JVNDBid:JVNDB-2022-021009date:2023-11-07T00:00:00
db:CNNVDid:CNNVD-202211-2625date:2022-11-11T00:00:00
db:NVDid:CVE-2022-26086date:2022-11-11T16:15:12.527