CVE-2023-28396

Name of the Vulnerable Software and Affected Versions Intel(R) Thunderbolt(TM) Controllers versions prior to 41

Description The issue is related to improper access control in the firmware of some Intel(R) Thunderbolt(TM) Controllers, which may allow a privileged user to enable denial of service via local access. This can be exploited by an attacker to cause a disruption in service.

Recommendations For Intel(R) Thunderbolt(TM) Controllers versions prior to 41, update the firmware to version 41 or later to resolve the issue. As a temporary workaround, consider restricting local access to the Thunderbolt controllers to minimize the risk of exploitation.