Details of VAR-202302-1394

ID

VAR-202302-1394

CVE

CVE-2022-26840

TITLE

Intel's Quartus Prime Vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-019750

DESCRIPTION

Improper neutralization in the Intel(R) Quartus Prime Pro and Standard edition software may allow an authenticated user to potentially enable escalation of privilege via local access. Intel's Quartus Prime Exists in unspecified vulnerabilities.Information is obtained, information is tampered with, and service operation is interrupted. (DoS) It may be in a state

Trust: 1.8

sources: NVD: CVE-2022-26840 // JVNDB: JVNDB-2022-019750 // VULHUB: VHN-418255 // VULMON: CVE-2022-26840

AFFECTED PRODUCTS

vendor:	intel	model:	quartus prime	scope:	lt	version:	22.1	Trust: 1.0
vendor:	intel	model:	quartus prime	scope:	lt	version:	22.2	Trust: 1.0
vendor:	インテル	model:	quartus prime	scope:	eq	version:	22.2	Trust: 0.8
vendor:	インテル	model:	quartus prime	scope:	-	version:	-	Trust: 0.8
vendor:	インテル	model:	quartus prime	scope:	eq	version:	22.1	Trust: 0.8
vendor:	インテル	model:	quartus prime	scope:	eq	version:	-	Trust: 0.8

sources: JVNDB: JVNDB-2022-019750 // NVD: CVE-2022-26840

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov:	CVE-2022-26840
value:	HIGH
Trust: 1.0
secure@intel.com:	CVE-2022-26840
value:	HIGH
Trust: 1.0
NVD:	CVE-2022-26840
value:	HIGH
Trust: 0.8
CNNVD:	CNNVD-202302-1397
value:	HIGH
Trust: 0.6

nvd@nist.gov:	CVE-2022-26840
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.8
impactScore:	5.9
version:	3.1
Trust: 1.0
secure@intel.com:	CVE-2022-26840
baseSeverity:	HIGH
baseScore:	7.3
vectorString:	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	REQUIRED
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	1.3
impactScore:	5.9
version:	3.1
Trust: 1.0
NVD:	CVE-2022-26840
baseSeverity:	HIGH
baseScore:	7.8
vectorString:	CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector:	LOCAL
attackComplexity:	LOW
privilegesRequired:	LOW
userInteraction:	NONE
scope:	UNCHANGED
confidentialityImpact:	HIGH
integrityImpact:	HIGH
availabilityImpact:	HIGH
exploitabilityScore:	NONE
impactScore:	NONE
version:	3.0
Trust: 0.8

sources: JVNDB: JVNDB-2022-019750 // CNNVD: CNNVD-202302-1397 // NVD: CVE-2022-26840 // NVD: CVE-2022-26840

PROBLEMTYPE DATA

problemtype:	NVD-CWE-noinfo	Trust: 1.0
problemtype:	Lack of information (CWE-noinfo) [NVD evaluation ]	Trust: 0.8

sources: JVNDB: JVNDB-2022-019750 // NVD: CVE-2022-26840

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202302-1397

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202302-1397

PATCH

title:	Intel Quartus Prime Pro Security vulnerabilities	url:	http://123.124.177.30/web/xxk/bdxqById.tag?id=226964	Trust: 0.6
title:	-	url:	https://github.com/Live-Hack-CVE/CVE-2022-26840	Trust: 0.1

sources: VULMON: CVE-2022-26840 // CNNVD: CNNVD-202302-1397

EXTERNAL IDS

db:	NVD	id:	CVE-2022-26840	Trust: 3.4
db:	JVN	id:	JVNVU91223897	Trust: 0.8
db:	JVNDB	id:	JVNDB-2022-019750	Trust: 0.8
db:	CNNVD	id:	CNNVD-202302-1397	Trust: 0.6
db:	VULHUB	id:	VHN-418255	Trust: 0.1
db:	VULMON	id:	CVE-2022-26840	Trust: 0.1

sources: VULHUB: VHN-418255 // VULMON: CVE-2022-26840 // JVNDB: JVNDB-2022-019750 // CNNVD: CNNVD-202302-1397 // NVD: CVE-2022-26840

REFERENCES

url:	http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00714.html	Trust: 2.6
url:	https://jvn.jp/vu/jvnvu91223897/	Trust: 0.8
url:	https://nvd.nist.gov/vuln/detail/cve-2022-26840	Trust: 0.8
url:	https://cxsecurity.com/cveshow/cve-2022-26840/	Trust: 0.6
url:	https://github.com/live-hack-cve/cve-2022-26840	Trust: 0.1
url:	https://nvd.nist.gov	Trust: 0.1

sources: VULHUB: VHN-418255 // VULMON: CVE-2022-26840 // JVNDB: JVNDB-2022-019750 // CNNVD: CNNVD-202302-1397 // NVD: CVE-2022-26840

SOURCES

db:	VULHUB	id:	VHN-418255
db:	VULMON	id:	CVE-2022-26840
db:	JVNDB	id:	JVNDB-2022-019750
db:	CNNVD	id:	CNNVD-202302-1397
db:	NVD	id:	CVE-2022-26840

LAST UPDATE DATE

2024-08-14T13:10:02.825000+00:00

SOURCES UPDATE DATE

db:	VULHUB	id:	VHN-418255	date:	2023-02-27T00:00:00
db:	VULMON	id:	CVE-2022-26840	date:	2023-02-17T00:00:00
db:	JVNDB	id:	JVNDB-2022-019750	date:	2023-10-27T05:53:00
db:	CNNVD	id:	CNNVD-202302-1397	date:	2023-02-28T00:00:00
db:	NVD	id:	CVE-2022-26840	date:	2023-02-27T17:28:08.783

SOURCES RELEASE DATE

db:	VULHUB	id:	VHN-418255	date:	2023-02-16T00:00:00
db:	VULMON	id:	CVE-2022-26840	date:	2023-02-16T00:00:00
db:	JVNDB	id:	JVNDB-2022-019750	date:	2023-10-27T00:00:00
db:	CNNVD	id:	CNNVD-202302-1397	date:	2023-02-16T00:00:00
db:	NVD	id:	CVE-2022-26840	date:	2023-02-16T20:15:13.547