Details of VAR-202302-1206

ID

VAR-202302-1206

CVE

CVE-2022-27170

TITLE

Intel's media software development kit Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-019576

DESCRIPTION

Protection mechanism failure in the Intel(R) Media SDK software before version 22.2.2 may allow an authenticated user to potentially enable escalation of privilege via local access. Intel's media software development kit Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 1.8

sources: NVD: CVE-2022-27170 // JVNDB: JVNDB-2022-019576 // VULHUB: VHN-430485 // VULMON: CVE-2022-27170

AFFECTED PRODUCTS

vendor:	intel	model:	media software development kit	scope:	lt	version:	22.2.2	Trust: 1.0
vendor:	インテル	model:	media software development kit	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	media software development kit	scope:	eq	version:	-	Trust: 0.8
vendor:	インテル	model:	media software development kit	scope:	eq	version:	22.2.2	Trust: 0.8

sources: JVNDB: JVNDB-2022-019576 // NVD: CVE-2022-27170

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-27170
value:	HIGH
Trust: 1.0
secure@intel.com:	CVE-2022-27170
value:	MEDIUM
Trust: 1.0
NVD:	CVE-2022-27170
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-202302-1322
value:	HIGH
Trust: 0.6

nvd@nist.gov:	CVE-2022-27170
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 1.0
secure@intel.com:	CVE-2022-27170
baseSeverity:	MEDIUM
baseScore:	5.7
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	REQUIRED
scope:	CHANGED
confidentialityImpact:	LOW
integrityImpact:	LOW
availabilityImpact:	LOW
exploitabilityScore:	1.5
impactScore:	3.7
version:	3.1
Trust: 1.0
NVD:	CVE-2022-27170
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2022-019576 // CNNVD: CNNVD-202302-1322 // NVD: CVE-2022-27170 // NVD: CVE-2022-27170

PROBLEMTYPE DATA

problemtype:	NVD-CWE-Other	Trust: 1.0
problemtype:	others (CWE-Other) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2022-019576 // NVD: CVE-2022-27170

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202302-1322

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202302-1322

PATCH

title:

Intel Media SDK Security vulnerabilities

url:

http://123.124.177.30/web/xxk/bdxqById.tag?id=226771

Trust: 0.6

sources: CNNVD: CNNVD-202302-1322

EXTERNAL IDS

db:	NVD	id:	CVE-2022-27170	Trust: 3.4
db:	JVN	id:	JVNVU91223897	Trust: 0.8
db:	JVNDB	id:	JVNDB-2022-019576	Trust: 0.8
db:	AUSCERT	id:	ESB-2023.0905	Trust: 0.6
db:	CNNVD	id:	CNNVD-202302-1322	Trust: 0.6
db:	VULHUB	id:	VHN-430485	Trust: 0.1
db:	VULMON	id:	CVE-2022-27170	Trust: 0.1

sources: VULHUB: VHN-430485 // VULMON: CVE-2022-27170 // JVNDB: JVNDB-2022-019576 // CNNVD: CNNVD-202302-1322 // NVD: CVE-2022-27170

REFERENCES

url:	http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00731.html	Trust: 2.6
url:	https://jvn.jp/vu/jvnvu91223897/	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2022-27170	Trust: 0.8
url:	https://cxsecurity.com/cveshow/cve-2022-27170/	Trust: 0.6
url:	https://www.auscert.org.au/bulletins/esb-2023.0905	Trust: 0.6
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULHUB: VHN-430485 // VULMON: CVE-2022-27170 // JVNDB: JVNDB-2022-019576 // CNNVD: CNNVD-202302-1322 // NVD: CVE-2022-27170

SOURCES

db:	VULHUB	id:	VHN-430485
db:	VULMON	id:	CVE-2022-27170
db:	JVNDB	id:	JVNDB-2022-019576
db:	CNNVD	id:	CNNVD-202302-1322
db:	NVD	id:	CVE-2022-27170

LAST UPDATE DATE

2024-08-14T12:47:31.410000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-430485	date:	2023-02-24T00:00:00
db:	VULMON	id:	CVE-2022-27170	date:	2023-02-17T00:00:00
db:	JVNDB	id:	JVNDB-2022-019576	date:	2023-10-26T06:52:00
db:	CNNVD	id:	CNNVD-202302-1322	date:	2023-02-27T00:00:00
db:	NVD	id:	CVE-2022-27170	date:	2023-02-24T20:46:42.080

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-430485	date:	2023-02-16T00:00:00
db:	VULMON	id:	CVE-2022-27170	date:	2023-02-16T00:00:00
db:	JVNDB	id:	JVNDB-2022-019576	date:	2023-10-26T00:00:00
db:	CNNVD	id:	CNNVD-202302-1322	date:	2023-02-16T00:00:00
db:	NVD	id:	CVE-2022-27170	date:	2023-02-16T21:15:11.520