CVE-2021-0158 [Medium] | Input Validation Bypass in Celeron N2805

CVE-2021-0158 is rated Low Risk (34.3/100): CVSS Medium severity, with low exploitation likelihood (EPSS 0.08%). Monitor for updates and reassess as exploit intelligence or EPSS changes.

#	Date	Old EPSS score	New EPSS score	Delta (New - Old)
1	2025-11-25	1.30%	0.08%	-1.21%
2	2025-11-21	0.06%	1.30%	+1.24%
3	2025-11-18	—	0.06%	—

Date

Old EPSS score

New EPSS score

Delta (New - Old)

2025-11-25

1.30%

0.08%

-1.21%

2025-11-21

0.06%

1.30%

+1.24%

2025-11-18

—

0.06%

—

Base score	Version	Severity	Vector	Exploitability	Impact	Score source
6.7	3.1	MEDIUM	`CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H` Click to expand Attack vector (AV:L) They already need access on the box, or another person has to do something wrong; it’s not a remote drive-by. Attack complexity (AC:L) Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup. Privileges required (PR:H) They need powerful rights—admin, root, or similar—before this pays off. User interaction (UI:N) Nobody has to click “OK” or open a trap file; it can work without a victim helping. Scope (S:U) Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems. Confidentiality (C:H) Serious risk that confidential data gets exposed in a big way. Integrity (I:H) They could widely tamper with or forge data—trust in the data is badly hurt. Availability (A:H) Could take the service down hard or make it unusable for people who depend on it.	0.8	5.9	[email protected]
4.6	2.0	MEDIUM	`AV:L/AC:L/Au:N/C:P/I:P/A:P` Click to expand Access vector (AV:L) Requires local access to the target system. Access complexity (AC:L) Exploitation conditions are straightforward and predictable. Authentication (AU:N) No authentication is required. Confidentiality impact (C:P) Partial confidentiality impact. Integrity impact (I:P) Partial integrity impact. Availability impact (A:P) Partial availability impact.	3.9	6.4	[email protected]

Base score

Version

Severity

Vector

Exploitability

Impact

Score source

6.7

3.1

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H Click to expand

Attack vector (AV:L): They already need access on the box, or another person has to do something wrong; it’s not a remote drive-by.
Attack complexity (AC:L): Once they can reach the bug, pulling it off is straightforward—no weird race conditions or rare setup.
Privileges required (PR:H): They need powerful rights—admin, root, or similar—before this pays off.
User interaction (UI:N): Nobody has to click “OK” or open a trap file; it can work without a victim helping.
Scope (S:U): Damage stays in the same “trust bubble” as the broken component—no big spill into unrelated systems.
Confidentiality (C:H): Serious risk that confidential data gets exposed in a big way.
Integrity (I:H): They could widely tamper with or forge data—trust in the data is badly hurt.
Availability (A:H): Could take the service down hard or make it unusable for people who depend on it.

0.8

5.9

[email protected]

4.6

2.0

MEDIUM

AV:L/AC:L/Au:N/C:P/I:P/A:P Click to expand

Access vector (AV:L): Requires local access to the target system.
Access complexity (AC:L): Exploitation conditions are straightforward and predictable.
Authentication (AU:N): No authentication is required.
Confidentiality impact (C:P): Partial confidentiality impact.
Integrity impact (I:P): Partial integrity impact.
Availability impact (A:P): Partial availability impact.

3.9

6.4

[email protected]

OS Trackers for CVE-2021-0158

vendor	priority	summary	link
`redhat`	medium	—	https://access.redhat.com/security/cve/CVE-2021-0158
`suse`	high	CVE-2021-0158 severity important: SUSE including 2 source package names (microcode_ctl, ucode-intel), 34 product×package rows across 34 product lines (HPE Helion OpenStack 8, SUSE CaaS Platform 4.0, … (34 product lines)): Known Not Affected 34.	https://www.suse.com/security/cve/CVE-2021-0158/

Affected software / configurations for CVE-2021-0158

Vendor	Product	Version	Raw CPE
intel	celeron_n2805	—	cpe:2.3:h:intel:celeron_n2805:-:::::::*
intel	celeron_n2806	—	cpe:2.3:h:intel:celeron_n2806:-:::::::*
intel	celeron_n2807	—	cpe:2.3:h:intel:celeron_n2807:-:::::::*
intel	celeron_n2808	—	cpe:2.3:h:intel:celeron_n2808:-:::::::*
intel	celeron_n2810	—	cpe:2.3:h:intel:celeron_n2810:-:::::::*
intel	celeron_n2815	—	cpe:2.3:h:intel:celeron_n2815:-:::::::*
intel	celeron_n2820	—	cpe:2.3:h:intel:celeron_n2820:-:::::::*
intel	celeron_n2830	—	cpe:2.3:h:intel:celeron_n2830:-:::::::*
intel	celeron_n2840	—	cpe:2.3:h:intel:celeron_n2840:-:::::::*
intel	celeron_n2910	—	cpe:2.3:h:intel:celeron_n2910:-:::::::*
intel	celeron_n2920	—	cpe:2.3:h:intel:celeron_n2920:-:::::::*
intel	celeron_n2930	—	cpe:2.3:h:intel:celeron_n2930:-:::::::*
intel	celeron_n2940	—	cpe:2.3:h:intel:celeron_n2940:-:::::::*
intel	celeron_n3000	—	cpe:2.3:h:intel:celeron_n3000:-:::::::*
intel	celeron_n3010	—	cpe:2.3:h:intel:celeron_n3010:-:::::::*
intel	celeron_n3050	—	cpe:2.3:h:intel:celeron_n3050:-:::::::*
intel	celeron_n3060	—	cpe:2.3:h:intel:celeron_n3060:-:::::::*
intel	celeron_n3150	—	cpe:2.3:h:intel:celeron_n3150:-:::::::*
intel	celeron_n3160	—	cpe:2.3:h:intel:celeron_n3160:-:::::::*
intel	celeron_n3350	—	cpe:2.3:h:intel:celeron_n3350:-:::::::*
intel	celeron_n3350e	—	cpe:2.3:h:intel:celeron_n3350e:-:::::::*
intel	celeron_n3450	—	cpe:2.3:h:intel:celeron_n3450:-:::::::*
intel	celeron_n4000	—	cpe:2.3:h:intel:celeron_n4000:-:::::::*
intel	celeron_n4020	—	cpe:2.3:h:intel:celeron_n4020:-:::::::*
intel	celeron_n4100	—	cpe:2.3:h:intel:celeron_n4100:-:::::::*
intel	celeron_n4120	—	cpe:2.3:h:intel:celeron_n4120:-:::::::*
intel	celeron_n4500	—	cpe:2.3:h:intel:celeron_n4500:-:::::::*
intel	celeron_n4505	—	cpe:2.3:h:intel:celeron_n4505:-:::::::*
intel	celeron_n5100	—	cpe:2.3:h:intel:celeron_n5100:-:::::::*
intel	celeron_n5105	—	cpe:2.3:h:intel:celeron_n5105:-:::::::*
intel	celeron_n6210	—	cpe:2.3:h:intel:celeron_n6210:-:::::::*
intel	celeron_n6211	—	cpe:2.3:h:intel:celeron_n6211:-:::::::*
intel	core_i3-1000g1	—	cpe:2.3:h:intel:core_i3-1000g1:-:::::::*
intel	core_i3-1000g4	—	cpe:2.3:h:intel:core_i3-1000g4:-:::::::*
intel	core_i3-1005g1	—	cpe:2.3:h:intel:core_i3-1005g1:-:::::::*
intel	core_i3-10100	—	cpe:2.3:h:intel:core_i3-10100:-:::::::*
intel	core_i3-10100e	—	cpe:2.3:h:intel:core_i3-10100e:-:::::::*
intel	core_i3-10100f	—	cpe:2.3:h:intel:core_i3-10100f:-:::::::*
intel	core_i3-10100t	—	cpe:2.3:h:intel:core_i3-10100t:-:::::::*
intel	core_i3-10100te	—	cpe:2.3:h:intel:core_i3-10100te:-:::::::*
intel	core_i3-10100y	—	cpe:2.3:h:intel:core_i3-10100y:-:::::::*
intel	core_i3-10105	—	cpe:2.3:h:intel:core_i3-10105:-:::::::*
intel	core_i3-10105f	—	cpe:2.3:h:intel:core_i3-10105f:-:::::::*
intel	core_i3-10105t	—	cpe:2.3:h:intel:core_i3-10105t:-:::::::*
intel	core_i3-10110u	—	cpe:2.3:h:intel:core_i3-10110u:-:::::::*
intel	core_i3-10110y	—	cpe:2.3:h:intel:core_i3-10110y:-:::::::*
intel	core_i3-10300	—	cpe:2.3:h:intel:core_i3-10300:-:::::::*
intel	core_i3-10300t	—	cpe:2.3:h:intel:core_i3-10300t:-:::::::*
intel	core_i3-10305	—	cpe:2.3:h:intel:core_i3-10305:-:::::::*
intel	core_i3-10305t	—	cpe:2.3:h:intel:core_i3-10305t:-:::::::*
intel	core_i3-10320	—	cpe:2.3:h:intel:core_i3-10320:-:::::::*
intel	core_i3-10325	—	cpe:2.3:h:intel:core_i3-10325:-:::::::*
intel	core_i3-11100he	—	cpe:2.3:h:intel:core_i3-11100he:-:::::::*
intel	core_i3-1110g4	—	cpe:2.3:h:intel:core_i3-1110g4:-:::::::*
intel	core_i3-1115g4	—	cpe:2.3:h:intel:core_i3-1115g4:-:::::::*
intel	core_i3-1115g4e	—	cpe:2.3:h:intel:core_i3-1115g4e:-:::::::*
intel	core_i3-1115gre	—	cpe:2.3:h:intel:core_i3-1115gre:-:::::::*
intel	core_i3-1120g4	—	cpe:2.3:h:intel:core_i3-1120g4:-:::::::*
intel	core_i3-1125g4	—	cpe:2.3:h:intel:core_i3-1125g4:-:::::::*
intel	core_i3-7020u	—	cpe:2.3:h:intel:core_i3-7020u:-:::::::*
intel	core_i3-7100	—	cpe:2.3:h:intel:core_i3-7100:-:::::::*
intel	core_i3-7100e	—	cpe:2.3:h:intel:core_i3-7100e:-:::::::*
intel	core_i3-7100h	—	cpe:2.3:h:intel:core_i3-7100h:-:::::::*
intel	core_i3-7100t	—	cpe:2.3:h:intel:core_i3-7100t:-:::::::*
intel	core_i3-7100u	—	cpe:2.3:h:intel:core_i3-7100u:-:::::::*
intel	core_i3-7101e	—	cpe:2.3:h:intel:core_i3-7101e:-:::::::*
intel	core_i3-7101te	—	cpe:2.3:h:intel:core_i3-7101te:-:::::::*
intel	core_i3-7102e	—	cpe:2.3:h:intel:core_i3-7102e:-:::::::*
intel	core_i3-7130u	—	cpe:2.3:h:intel:core_i3-7130u:-:::::::*
intel	core_i3-7167u	—	cpe:2.3:h:intel:core_i3-7167u:-:::::::*
intel	core_i3-7300	—	cpe:2.3:h:intel:core_i3-7300:-:::::::*
intel	core_i3-7300t	—	cpe:2.3:h:intel:core_i3-7300t:-:::::::*
intel	core_i3-7320	—	cpe:2.3:h:intel:core_i3-7320:-:::::::*
intel	core_i3-7350k	—	cpe:2.3:h:intel:core_i3-7350k:-:::::::*
intel	core_i3-8100	—	cpe:2.3:h:intel:core_i3-8100:-:::::::*
intel	core_i3-8100b	—	cpe:2.3:h:intel:core_i3-8100b:-:::::::*
intel	core_i3-8100h	—	cpe:2.3:h:intel:core_i3-8100h:-:::::::*
intel	core_i3-8100t	—	cpe:2.3:h:intel:core_i3-8100t:-:::::::*
intel	core_i3-8109u	—	cpe:2.3:h:intel:core_i3-8109u:-:::::::*
intel	core_i3-8130u	—	cpe:2.3:h:intel:core_i3-8130u:-:::::::*

References for CVE-2021-0158

URL	Tags
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00562.html	Vendor Advisory

URL

CVE-2021-0158

Exploit prediction scoring system (EPSS) score for CVE-2021-0158

Common vulnerability scoring system (CVSS) metrics for CVE-2021-0158

Weakness enumeration for CVE-2021-0158

OS Trackers for CVE-2021-0158

Affected software / configurations for CVE-2021-0158

References for CVE-2021-0158