CVE-2025-14625

CWE-4273 documents3 sources
Severity
5.4MEDIUM
EPSS
0.0%
top 99.63%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Intel Quartus PrimeAltera Quartus Prime LiteAltera Quartus Prime Standard
Timeline
PublishedJan 7

Description

Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Standard on Windows (Nios II Command Shell modules), Altera Quartus Prime Lite on Windows (Nios II Command Shell modules) allows Search Order Hijacking.This issue affects Quartus Prime Standard: from 19.1 through 24.1; Quartus Prime Lite: from 19.1 through 24.1.

CVSS vector

CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Affected Packages3 packages

CVEListV5altera/quartus_prime_lite19.124.1
CVEListV5altera/quartus_prime_standard19.124.1
NVDintel/quartus_prime19.125.1

🔴Vulnerability Details

2
GHSA
GHSA-fg3w-gvfh-562h: Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Standard on Windows (Nios II Command Shell modules), Altera Quartus Prime Lite2026-01-07
CVEList
Quartus® Prime Standard and Quartus® Prime Lite Security Advisory2026-01-06
CVE-2025-14625 (MEDIUM CVSS 5.4) | Uncontrolled Search Path Element vu | cvebase.io