CVE-2022-36794
Description
Improper condition check in some Intel(R) SPS firmware before version SPS_E3_06.00.03.300.0 may allow a privileged user to potentially enable denial of service via local access.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Improper condition check in Intel SPS firmware before SPS_E3_06.00.03.300.0 allows a privileged local user to cause denial of service.
Vulnerability
An improper condition check vulnerability exists in some Intel(R) Server Platform Services (SPS) firmware versions prior to SPS_E3_06.00.03.300.0 [1]. This flaw resides in the firmware's handling of certain conditions, and exploitation requires the attacker to have local access with elevated privileges.
Exploitation
An attacker with local privileged access can trigger the improper condition check by sending specially crafted inputs or sequences to the SPS firmware. The exact exploitation steps are not publicly detailed, but the condition check failure leads to a denial of service condition.
Impact
Successful exploitation results in a denial of service (DoS) affecting the availability of the system. The attacker, already having privileged access, does not gain additional privileges or data access; the impact is limited to causing the system or SPS component to become unresponsive or crash.
Mitigation
Intel has released updated firmware version SPS_E3_06.00.03.300.0 to address this vulnerability [1]. Users should update to this version or later. No workarounds are documented. This CVE is not listed on the CISA Known Exploited Vulnerabilities (KEV) catalog as of publication.
AI Insight generated on May 25, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1News mentions
0No linked articles in our index yet.