Sign-up

ID

VAR-202302-1222


CVE

CVE-2022-34153


TITLE

Intel's  Battery Life Diagnostic Tool  Initialization vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2022-019925

DESCRIPTION

Improper initialization in the Intel(R) Battery Life Diagnostic Tool software before version 2.2.0 may allow an authenticated user to potentially enable escalation of privilege via local access. (DoS) It may be in a state

Trust: 1.8

sources: NVD: CVE-2022-34153 // JVNDB: JVNDB-2022-019925 // VULHUB: VHN-431056 // VULMON: CVE-2022-34153

AFFECTED PRODUCTS

vendor:intelmodel:battery life diagnostic toolscope:eqversion:2.2.0

Trust: 1.0

vendor:インテルmodel:battery life diagnostic toolscope:eqversion:2.2.0

Trust: 0.8

vendor:インテルmodel:battery life diagnostic toolscope:eqversion: -

Trust: 0.8

vendor:インテルmodel:battery life diagnostic toolscope: - version: -

Trust: 0.8

sources: JVNDB: JVNDB-2022-019925 // NVD: CVE-2022-34153

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2022-34153
value: HIGH

Trust: 1.0

secure@intel.com: CVE-2022-34153
value: HIGH

Trust: 1.0

NVD: CVE-2022-34153
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202302-1329
value: HIGH

Trust: 0.6

nvd@nist.gov: CVE-2022-34153
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.8
impactScore: 5.9
version: 3.1

Trust: 1.0

secure@intel.com: CVE-2022-34153
baseSeverity: HIGH
baseScore: 8.2
vectorString: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: REQUIRED
scope: CHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 1.5
impactScore: 6.0
version: 3.1

Trust: 1.0

NVD: CVE-2022-34153
baseSeverity: HIGH
baseScore: 7.8
vectorString: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: LOCAL
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2022-019925 // CNNVD: CNNVD-202302-1329 // NVD: CVE-2022-34153 // NVD: CVE-2022-34153

PROBLEMTYPE DATA

problemtype:CWE-665

Trust: 1.1

problemtype:Improper initialization (CWE-665) [NVD evaluation ]

Trust: 0.8

sources: VULHUB: VHN-431056 // JVNDB: JVNDB-2022-019925 // NVD: CVE-2022-34153

THREAT TYPE

local

Trust: 0.6

sources: CNNVD: CNNVD-202302-1329

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202302-1329

PATCH

title:Intel Battery Life Diagnostic Tool Security vulnerabilitiesurl:http://123.124.177.30/web/xxk/bdxqById.tag?id=227405

Trust: 0.6

sources: CNNVD: CNNVD-202302-1329

EXTERNAL IDS

db:NVDid:CVE-2022-34153

Trust: 3.4

db:JVNid:JVNVU91223897

Trust: 0.8

db:JVNDBid:JVNDB-2022-019925

Trust: 0.8

db:AUSCERTid:ESB-2023.0897

Trust: 0.6

db:CNNVDid:CNNVD-202302-1329

Trust: 0.6

db:VULHUBid:VHN-431056

Trust: 0.1

db:VULMONid:CVE-2022-34153

Trust: 0.1

sources: VULHUB: VHN-431056 // VULMON: CVE-2022-34153 // JVNDB: JVNDB-2022-019925 // CNNVD: CNNVD-202302-1329 // NVD: CVE-2022-34153

REFERENCES

url:http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00726.html

Trust: 2.6

url:https://jvn.jp/vu/jvnvu91223897/

Trust: 0.8

url:https://nvd.nist.gov/vuln/detail/cve-2022-34153

Trust: 0.8

url:https://www.auscert.org.au/bulletins/esb-2023.0897

Trust: 0.6

url:https://cxsecurity.com/cveshow/cve-2022-34153/

Trust: 0.6

url:https://nvd.nist.gov

Trust: 0.1

sources: VULHUB: VHN-431056 // VULMON: CVE-2022-34153 // JVNDB: JVNDB-2022-019925 // CNNVD: CNNVD-202302-1329 // NVD: CVE-2022-34153

SOURCES

db:VULHUBid:VHN-431056
db:VULMONid:CVE-2022-34153
db:JVNDBid:JVNDB-2022-019925
db:CNNVDid:CNNVD-202302-1329
db:NVDid:CVE-2022-34153

LAST UPDATE DATE

2024-08-14T12:11:58.694000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-431056date:2023-03-02T00:00:00
db:VULMONid:CVE-2022-34153date:2023-02-17T00:00:00
db:JVNDBid:JVNDB-2022-019925date:2023-10-30T05:07:00
db:CNNVDid:CNNVD-202302-1329date:2023-03-03T00:00:00
db:NVDid:CVE-2022-34153date:2023-03-02T14:26:27.817

SOURCES RELEASE DATE

db:VULHUBid:VHN-431056date:2023-02-16T00:00:00
db:VULMONid:CVE-2022-34153date:2023-02-16T00:00:00
db:JVNDBid:JVNDB-2022-019925date:2023-10-30T00:00:00
db:CNNVDid:CNNVD-202302-1329date:2023-02-16T00:00:00
db:NVDid:CVE-2022-34153date:2023-02-16T20:15:14.603