CVE-2025-13670Uncontrolled Search Path Element in High Level Synthesis Compiler

CWE-427Uncontrolled Search Path Element3 documents3 sources
Severity
5.4MEDIUMNVD
EPSS
0.0%
top 93.22%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Altera High Level Synthesis CompilerIntel High Level Synthesis Compiler
Timeline
PublishedDec 12

Description

The High Level Synthesis Compiler i++ command for Windows is vulnerable to a DLL planting vulnerability

CVSS vector

CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages2 packages

CVEListV5altera/high_level_synthesis_compiler19.124.3

🔴Vulnerability Details

2
CVEList
High Level Synthesis Compiler Security Advisory2025-12-12
GHSA
GHSA-p268-fqx2-j4vp: The High Level Synthesis Compiler i++ command for Windows is vulnerable to a DLL planting vulnerability2025-12-12
CVE-2025-13670 — Uncontrolled Search Path Element | cvebase