Lucene search

IntelCVELIST:CVE-2022-36367

HistoryNov 11, 2022 - 3:48 p.m.

CVE-2022-36367

2022-11-1115:48:38

intel

www.cve.org

intel support

android

information disclosure

default permissions

4.4 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

4.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.7%

JSON

Incorrect default permissions in the Intel® Support Android application before version v22.02.28 may allow a privileged user to potentially enable information disclosure via local access.

CNA Affected

[
  {
    "vendor": "n/a",
    "product": "Intel(R) Support Android application",
    "versions": [
      {
        "version": "before version v22.02.28",
        "status": "affected"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

References

www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00740.html

4.4 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

4.6 Medium

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

12.7%

JSON

Related for CVELIST:CVE-2022-36367