CVE-2025-14605

CWE-4273 documents3 sources
Severity
5.4MEDIUM
EPSS
0.0%
top 96.05%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Intel Quartus PrimeAltera Quartus Prime PRO
Timeline
PublishedJan 7

Description

Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Pro on Windows (System Console modules) allows Search Order Hijacking.This issue affects Quartus Prime Pro: from 17.0 through 25.1.1.

CVSS vector

CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages2 packages

CVEListV5altera/quartus_prime_pro17.025.1.1
NVDintel/quartus_prime17.025.1.1

🔴Vulnerability Details

2
GHSA
GHSA-3hxf-g9w5-rj6x: Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Pro on Windows (System Console modules) allows Search Order Hijacking2026-01-07
CVEList
Quartus Prime Pro Edition Advisory2026-01-06
CVE-2025-14605 (MEDIUM CVSS 5.4) | Uncontrolled Search Path Element vu | cvebase.io