CVE-2023-22293

CWE-284 — Improper Access Control3 documents3 sources

Severity

8.2HIGH

EPSS

0.1%

top 80.67%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Intel Thunderbolt DCH Driver

Timeline

PublishedFeb 14

Latest updateNov 7

Description

Improper access control in the Intel(R) Thunderbolt(TM) DCH drivers for Windows may allow an authenticated user to potentially enable escalation of privilege via local access.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:HExploitability: 1.5 | Impact: 6.0

Affected Packages2 packages

▶CVEListV5intel(r)_thunderbolt(tm)_dch_drivers_for_windowsSee references

▶NVDintel/thunderbolt_dch_driver< 88

🔴Vulnerability Details

GHSA

GHSA-f578-gpwx-g2j4: Improper access control in the Intel(R) Thunderbolt(TM) DCH drivers for Windows may allow an authenticated user to potentially enable escalation of pr↗2024-11-07

▶

CVEList

CVE-2023-22293: Improper access control in the Intel(R) Thunderbolt(TM) DCH drivers for Windows may allow an authenticated user to potentially enable escalation of pr↗2024-02-14

▶