PT-2020-4919 · Intel · Intel Thunderbolt Dch Drivers

Published

2020-11-10

Updated

2020-11-24

CVE-2020-12327

CVSS v2.0

4.5

Medium

Vector

AV:L/AC:H/Au:S/C:P/I:C/A:N

Name of the Vulnerable Software and Affected Versions: Intel(R) Thunderbolt(TM) DCH drivers for Windows* versions prior to 72

Description: The issue is related to insecure default variable initialization in some Intel(R) Thunderbolt(TM) DCH drivers. This may allow a privileged user to potentially enable information disclosure via local access.

Recommendations: For versions prior to 72, update to version 72 or later to resolve the issue. As a temporary workaround, consider restricting local access to minimize the risk of exploitation.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-1188CWE-453

Related Identifiers

BDU:2020-05494

CVE-2020-12327

Affected Products

Intel Thunderbolt Dch Drivers

PT-2020-4919 · Intel · Intel Thunderbolt Dch Drivers

CVE-2020-12327

Weakness Enumeration

Related Identifiers

Affected Products

References · 6