CVE-2025-14612

CWE-3773 documents3 sources
Severity
5.4MEDIUM
EPSS
0.0%
top 95.65%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Intel Quartus PrimeAltera Quartus Prime PRO
Timeline
PublishedJan 7

Description

Insecure Temporary File vulnerability in Altera Quartus Prime Pro Installer (SFX) on Windows allows : Use of Predictable File Names.This issue affects Quartus Prime Pro: from 24.1 through 25.1.1.

CVSS vector

CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages2 packages

CVEListV5altera/quartus_prime_pro24.125.1.1
NVDintel/quartus_prime24.125.3

🔴Vulnerability Details

2
GHSA
GHSA-gg9r-qr35-cfrw: Insecure Temporary File vulnerability in Altera Quartus Prime Pro Installer (SFX) on Windows allows : Use of Predictable File Names2026-01-07
CVEList
Quartus Prime Pro Edition Advisory2026-01-06
CVE-2025-14612 (MEDIUM CVSS 5.4) | Insecure Temporary File vulnerabili | cvebase.io