CVE-2025-14614Insecure Temporary File in Intel Quartus Prime

CWE-377Insecure Temporary File3 documents3 sources
Severity
5.4MEDIUMNVD
EPSS
0.0%
top 95.69%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Intel Quartus PrimeAltera Quartus Prime LiteAltera Quartus Prime Standard
Timeline
PublishedJan 7

Description

Insecure Temporary File vulnerability in Altera Quartus Prime Standard Installer (SFX) on Windows, Altera Quartus Prime Lite Installer (SFX) on Windows allows Explore for Predictable Temporary File Names.This issue affects Quartus Prime Standard: from 23.1 through 24.1; Quartus Prime Lite: from 23.1 through 24.1.

CVSS vector

CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages3 packages

CVEListV5altera/quartus_prime_lite23.124.1
CVEListV5altera/quartus_prime_standard23.124.1
NVDintel/quartus_prime23.125.1

🔴Vulnerability Details

2
GHSA
GHSA-r5x9-xq27-vvxh: Insecure Temporary File vulnerability in Altera Quartus Prime Standard Installer (SFX) on Windows, Altera Quartus Prime Lite Installer (SFX) on Wi2026-01-07
CVEList
Quartus® Prime Standard and Quartus® Prime Lite Security Advisory2026-01-06
CVE-2025-14614 — Insecure Temporary File in Intel | cvebase