Summaryinfo

A vulnerability classified as problematic has been found in Intel Thunderbolt DCH Drivers on Windows. Affected by this issue is some unknown functionality. Performing a manipulation results in information disclosure. This vulnerability is cataloged as CVE-2023-22390. The attack must be initiated from a local position. There is no exploit available. It is recommended to upgrade the affected component. Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Detailsinfo

A vulnerability, which was classified as problematic, was found in Intel Thunderbolt DCH Drivers on Windows (Hardware Driver Software) (version now known). This affects some unknown processing. The manipulation with an unknown input leads to a information disclosure vulnerability. CWE is classifying the issue as CWE-200. The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. This is going to have an impact on confidentiality. The summary by CVE is:

Improper buffer restrictions in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an authenticated user to potentially enable information disclosure via local access.

The weakness was shared 02/14/2024 as intel-sa-00851. The advisory is shared at intel.com. This vulnerability is uniquely identified as CVE-2023-22390 since 02/28/2023. Neither technical details nor an exploit are publicly available. MITRE ATT&CK project uses the attack technique T1592 for this issue.

Upgrading eliminates this vulnerability.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Productinfo

Type

• Hardware Driver Software

Vendor

• Intel

Name

• Thunderbolt DCH Drivers

License

• commercial

Website

• Vendor: https://www.intel.com/

CPE 2.3info

• 🔍

CPE 2.2info

• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion