Improper Access Control in Intel Thunderbolt Drivers for Windows
CVE-2023-25777

7.9HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Thunderbolt(tm) Dch Drivers For Windows
Vendor: CVE Published:; 14 February 2024

Summary

An improper access control vulnerability exists in Intel Thunderbolt DCH drivers for Windows prior to version 88. This vulnerability could allow an authenticated user to escalate privileges through local access. The flaw resides in how authentication and permissions are managed, potentially enabling malicious actions that could impact system integrity and user data. It is crucial for users of affected drivers to apply the latest updates to mitigate risks associated with this vulnerability. For further details, visit Intel's official advisory.

Affected Version(s)

Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V3.1

Score:

7.9

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Changed

Timeline

Vulnerability published
Feb 14, 2024
Vulnerability Reserved
Feb 24, 2023