Class Actions Lawsuits
Product Liability

Intel CPU 'Downfall' Security Vulnerability Class Action

Product Liability class action lawsuit

Case Overview

In August 2023, Intel disclosed a critical hardware security vulnerability dubbed 'Downfall' (formally CVE-2022-40982) affecting Intel Core processors from the 6th through 11th generations — chips sold in hundreds of millions of laptops, desktops, and servers worldwide between 2015 and 2021. The flaw, rooted in Intel's memory optimization features, allows a malicious actor to access and steal sensitive data — including passwords, encryption keys, and private communications — from other users or applications sharing the same processor. Security researchers at Google discovered the vulnerability and privately disclosed it to Intel nearly a year before the public announcement.

Class action lawsuits filed in federal court allege that Intel sold processors it knew or should have known were defective, failed to timely disclose the vulnerability to consumers, and left users with an unacceptable choice: continue using insecure chips or apply Intel-issued microcode patches that independent benchmarks found reduced processor performance by as much as 50% in certain workloads — effectively degrading the product consumers paid for. Plaintiffs seek compensation for the diminished value of affected CPUs, lost productivity, and the costs of hardware upgrades necessitated by the security flaw. The case is part of a growing wave of CPU-level vulnerability litigation that also includes prior cases over Intel's Spectre and Meltdown flaws.

Who May Qualify

Individuals or businesses who purchased a device containing an Intel Core processor from the 6th through 11th generations (roughly 2015–2021 models), experienced performance degradation after applying Intel's Downfall security patches, or were exposed to data theft risk due to the unpatched vulnerability.

Frequently Asked Questions

What is the Intel Downfall CPU vulnerability?

Downfall (CVE-2022-40982) is a hardware security flaw in Intel Core processors (6th–11th generation) that allows attackers to steal sensitive data — like passwords and encryption keys — from other users sharing the same CPU. Intel disclosed the vulnerability in August 2023 after it was discovered by a Google security researcher.

Did Intel's security patch fix the Downfall vulnerability?

Intel released a microcode patch to address the Downfall vulnerability, but independent testing found the fix reduced processor performance by up to 50% in some workloads. This performance degradation is a central issue in the class action, as plaintiffs argue it amounts to selling them a defective product.

Can I sue Intel if my computer was affected by Downfall?

If you own a device with an affected Intel processor (6th–11th gen Core CPUs sold approximately 2015–2021), you may be eligible to join the class action. The lawsuit seeks compensation for reduced CPU performance caused by patches and the diminished value of processors that were found to have a fundamental security defect.