Intel Unveils 34 New Security Vulnerabilities: Urgent Thunderbolt Updates Required
Recently, Intel disclosed a total of 34 security vulnerabilities, encompassing 32 software issues and 2 firmware issues. These vulnerabilities affect a wide range of components, including chipset groups, Wi-Fi, and drivers for other components, as well as applications such as XTU, the oneAPI toolkit, and Intel Unison.
Despite the large number of security flaws identified, the majority are low risk, and Intel has already issued patches. Users are advised to update their systems to mitigate these vulnerabilities. Most of these vulnerabilities occur in parts of the system that users rarely interact with, such as battery life diagnostic tools, or in features that users may not use or even be aware of.
The Thunderbolt interface has been notably affected, with both software and firmware vulnerabilities. In response, Intel recommends that all affected users promptly update their Thunderbolt drivers and controller firmware. Intel has detailed 20 specific vulnerabilities within these drivers, including flaws that could allow attackers to escalate privileges, conduct denial-of-service attacks, and steal data; three are classified as “high” risk. Fortunately, most of the Thunderbolt vulnerabilities require local access to exploit, meaning the attacker needs physical or remote access to the vulnerable computer, or must use social engineering tactics to gain physical access, which somewhat reduces the risk.
The high-risk Thunderbolt interface vulnerabilities include:
- CVE-2023-22293 (CVSS 8.2): Improper access control in the Intel(R) Thunderbolt(TM) DCH drivers for Windows may allow an authenticated user to potentially enable escalation of privilege via local access.
- CVE-2023-25777 (CVSS 7.9): Improper access control in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an authenticated user to potentially enable escalation of privilege via local access.
- CVE-2023-22342 (CVSS 7.7): Improper input validation in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an authenticated user to potentially enable escalation of privilege via local access.
Because some types of drivers do not automatically update, users concerned about being impacted are advised to manually update their systems.