Improper Input Validation in Intel Thunderbolt Drivers for Windows
CVE-2023-22342

7.7HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Thunderbolt(tm) Dch Drivers For Windows
Vendor: CVE Published:; 14 February 2024

What is CVE-2023-22342?

The vulnerability involves improper input validation in specific Intel Thunderbolt DCH drivers for Windows that precede version 88. An authenticated user with local access may exploit this flaw, potentially leading to privilege escalation. This issue highlights the importance of maintaining updated drivers and adhering to security best practices to protect sensitive data and system integrity. Users are encouraged to review the security advisory for detailed guidance and remediation steps.

Affected Version(s)

Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V3.1

Score:

7.7

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 14, 2024
Vulnerability Reserved
Feb 24, 2023