Details of VAR-202302-1177

ID

VAR-202302-1177

CVE

CVE-2022-32764

TITLE

Intel DSA Competitive conditional vulnerability

Trust: 0.6

sources: CNNVD: CNNVD-202302-1340

DESCRIPTION

Description: Race condition in the Intel(R) DSA software before version 22.4.26 may allow an authenticated user to potentially enable escalation of privilege via local access

Trust: 1.08

sources: NVD: CVE-2022-32764 // VULHUB: VHN-426240 // VULMON: CVE-2022-32764

AFFECTED PRODUCTS

vendor:

intel

model:

driver \& support assistant

scope:

version:

22.4.26

Trust: 1.0

sources: NVD: CVE-2022-32764

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-32764
value:	HIGH
Trust: 1.0
secure@intel.com:	CVE-2022-32764
value:	HIGH
Trust: 1.0
CNNVD:	CNNVD-202302-1340
value:	HIGH
Trust: 0.6

nvd@nist.gov:	CVE-2022-32764
baseSeverity:	HIGH
baseScore:	7.0
vectorString:	CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	HIGH
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.0
impactScore:	5.9
version:	3.1
Trust: 1.0
secure@intel.com:	CVE-2022-32764
baseSeverity:	HIGH
baseScore:	7.5
vectorString:	CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	HIGH
privilegesRequired:	LOW
userInteraction:	REQUIRED
scope:	CHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	0.8
impactScore:	6.0
version:	3.1
Trust: 1.0

sources: CNNVD: CNNVD-202302-1340 // NVD: CVE-2022-32764 // NVD: CVE-2022-32764

PROBLEMTYPE DATA

problemtype:

CWE-362

Trust: 1.1

sources: VULHUB: VHN-426240 // NVD: CVE-2022-32764

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202302-1340

TYPE

competition condition problem

Trust: 0.6

sources: CNNVD: CNNVD-202302-1340

PATCH

title:

Intel DSA Repair measures for the competition condition problem loophole

url:

http://123.124.177.30/web/xxk/bdxqById.tag?id=227771

Trust: 0.6

sources: CNNVD: CNNVD-202302-1340

EXTERNAL IDS

db:	NVD	id:	CVE-2022-32764	Trust: 1.8
db:	AUSCERT	id:	ESB-2023.0898	Trust: 0.6
db:	CNNVD	id:	CNNVD-202302-1340	Trust: 0.6
db:	VULHUB	id:	VHN-426240	Trust: 0.1
db:	VULMON	id:	CVE-2022-32764	Trust: 0.1

sources: VULHUB: VHN-426240 // VULMON: CVE-2022-32764 // CNNVD: CNNVD-202302-1340 // NVD: CVE-2022-32764

REFERENCES

url:	http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00725.html	Trust: 1.8
url:	https://www.auscert.org.au/bulletins/esb-2023.0898	Trust: 0.6
url:	https://cxsecurity.com/cveshow/cve-2022-32764/	Trust: 0.6
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULHUB: VHN-426240 // VULMON: CVE-2022-32764 // CNNVD: CNNVD-202302-1340 // NVD: CVE-2022-32764

SOURCES

db:	VULHUB	id:	VHN-426240
db:	VULMON	id:	CVE-2022-32764
db:	CNNVD	id:	CNNVD-202302-1340
db:	NVD	id:	CVE-2022-32764

LAST UPDATE DATE

2024-08-14T12:56:42.918000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-426240	date:	2023-03-06T00:00:00
db:	VULMON	id:	CVE-2022-32764	date:	2023-02-17T00:00:00
db:	CNNVD	id:	CNNVD-202302-1340	date:	2023-03-07T00:00:00
db:	NVD	id:	CVE-2022-32764	date:	2023-03-06T14:21:31.523

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-426240	date:	2023-02-16T00:00:00
db:	VULMON	id:	CVE-2022-32764	date:	2023-02-16T00:00:00
db:	CNNVD	id:	CNNVD-202302-1340	date:	2023-02-16T00:00:00
db:	NVD	id:	CVE-2022-32764	date:	2023-02-16T20:15:14.410