Lucene search

HP Product Security Response TeamHPSBHF03911

HistoryFeb 13, 2024 - 12:00 a.m.

Intel Thunderbolt Controller February 2024 Security Update

2024-02-1300:00:00

HP Product Security Response Team

support.hp.com

intel

thunderbolt controllers

security vulnerability

firmware updates

affected platforms

softpaqs

6.1 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:H

7.2 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

Intel has informed HP of a potential security vulnerability in some Intel® Thunderbolt™ Controllers, which might allow denial of service. Intel is releasing firmware updates to mitigate this potential vulnerability.

Intel has released updates to mitigate the potential vulnerability. HP has identified affected platforms and corresponding SoftPaqs with minimum versions that mitigate the potential vulnerability. See the affected platforms listed below.

Affected configurations

Vulners

Node

hphp_thunderbolt_dock_120w_g4Range<1.4.18.0

hphp_thunderbolt_dock_280w_g4_w\/combo_cableRange<1.4.18.0

CPENameOperatorVersion
hp thunderbolt dock 120w g4lt1.4.18.0
hp thunderbolt dock 280w g4 w/combo cablelt1.4.18.0

CPE	Name	Operator	Version
	hp thunderbolt dock 120w g4	lt	1.4.18.0
	hp thunderbolt dock 280w g4 w/combo cable	lt	1.4.18.0

6.1 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

NONE

Integrity Impact

LOW

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:N/I:L/A:H

7.2 High

AI Score

Confidence

High

0.0004 Low

EPSS

Percentile

9.1%

JSON

Related for HPSBHF03911