CVE-2022-21151

high-risk

Published 2022-05-12

Processor optimization removal or modification of security-critical code for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

Do I need to act?

0.05% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 5.5/10 Medium

LOCAL / LOW complexity

Affected Products (20)

Celeron N6210 Firmware

Celeron N4500 Firmware

Celeron N4505 Firmware

Celeron N5100 Firmware

Celeron N5105 Firmware

Celeron N6211 Firmware

Celeron N4020 Firmware

Celeron N4120 Firmware

Celeron N3350E Firmware

Celeron N4000 Firmware

Celeron N4100 Firmware

Celeron N3350 Firmware

Celeron N3450 Firmware

Celeron N3010 Firmware

Celeron N3060 Firmware

Celeron N3160 Firmware

Celeron N3000 Firmware

Celeron N3050 Firmware

Celeron N3150 Firmware

Celeron N2808 Firmware

Affected Vendors

Debian Intel Netapp

References (6)

Third Party Advisory https://security.netapp.com/advisory/ntap-20220826-0003/

Third Party Advisory https://www.debian.org/security/2022/dsa-5178

Vendor Advisory https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00617....

Third Party Advisory https://security.netapp.com/advisory/ntap-20220826-0003/

Third Party Advisory https://www.debian.org/security/2022/dsa-5178

Vendor Advisory https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00617....

/ 100

high-risk

Severity 18/34 · Moderate

Exploitability 0/34 · Minimal

Exposure 33/34 · Critical