CVE-2023-22293

Vulnerability

An improper access control vulnerability exists in the Intel(R) Thunderbolt(TM) DCH drivers for Windows. This flaw allows an authenticated user to potentially escalate privileges via local access. The vulnerability resides in the driver's handling of access controls, which may be bypassed under certain conditions. Affected versions include those prior to the fixed release provided in Intel advisory INTEL-SA-00851 [1].

Exploitation

An attacker must have local access to the system and be authenticated as a user. The exploitation does not require any special privileges beyond normal user access. The attacker can exploit the improper access control to execute operations that should be restricted, leading to privilege escalation. The exact steps involve leveraging the driver's flawed access control mechanism to gain elevated permissions.

Impact

Successful exploitation allows an authenticated attacker to escalate privileges on the affected system. This could result in the attacker gaining administrative or system-level privileges, potentially leading to full compromise of the confidentiality, integrity, and availability of the system.

Mitigation

Intel has released updates to address this vulnerability. Users should update to the latest version of the Intel Thunderbolt DCH drivers as indicated in Intel advisory INTEL-SA-00851 [1]. No workarounds are mentioned in the available references. If the system is not updated, it remains vulnerable to local privilege escalation.