CVE-2022-29466
Description
Improper input validation in firmware for Intel(R) SPS before version SPS_E3_04.01.04.700.0 may allow an authenticated user to potentially enable denial of service via local access.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Improper input validation in Intel SPS firmware before version SPS_E3_04.01.04.700.0 allows an authenticated local attacker to cause denial of service.
Vulnerability
Improper input validation in the firmware for Intel(R) Server Platform Services (SPS) before version SPS_E3_04.01.04.700.0 may allow an authenticated user to cause denial of service via local access [1]. The vulnerability exists in the firmware component that handles input validation, and the affected versions are those prior to the specified fixed version.
Exploitation
An attacker must have local access to the system and be authenticated. The exploitation involves sending specially crafted input to the vulnerable firmware interface, triggering the improper validation and leading to a denial of service condition [1]. No user interaction beyond authentication is required.
Impact
Successful exploitation results in denial of service, potentially rendering the system unavailable. The impact is limited to availability, with no indication of information disclosure or privilege escalation [1].
Mitigation
Intel has released firmware version SPS_E3_04.01.04.700.0 to address this vulnerability. Users should update to this version or later. No workarounds are mentioned in the advisory [1]. The vulnerability is not listed in the CISA KEV catalog as of the publication date.
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.