CVE-2022-21233

high-risk

Published 2022-08-18

Improper isolation of shared resources in some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.

Do I need to act?

0.08% chance of exploitation

EPSS score — low exploit probability

Not on CISA KEV list

No confirmed active exploitation reported to CISA

Patch status unknown

Check vendor advisories for fix availability and mitigation guidance

CVSS 5.5/10 Medium

LOCAL / LOW complexity

Affected Products (20)

Pentium J4205 Firmware

Pentium N4200 Firmware

Pentium N4200E Firmware

Celeron J3455 Firmware

Celeron J3355 Firmware

Celeron J3455E Firmware

Celeron J3355E Firmware

Celeron N3450 Firmware

Celeron N3350 Firmware

Celeron N3350E Firmware

Atom X5-A3930 Firmware

Atom X5-A3940 Firmware

Atom X5-A3950 Firmware

Atom X5-A3960 Firmware

Atom X5-E3940 Firmware

Atom X5-E3930 Firmware

Atom X7-E3950 Firmware

Atom C3308 Firmware

Atom C3336 Firmware

Atom C3338 Firmware

Affected Vendors

Intel

References (6)

https://lists.debian.org/debian-lts-announce/2023/04/msg00000.html

Third Party Advisory https://security.netapp.com/advisory/ntap-20220923-0002/

Mitigation https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00657....

https://lists.debian.org/debian-lts-announce/2023/04/msg00000.html

Third Party Advisory https://security.netapp.com/advisory/ntap-20220923-0002/

Mitigation https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00657....

/ 100

high-risk

Severity 18/34 · Moderate

Exploitability 0/34 · Minimal

Exposure 33/34 · Critical