Intel Quartus Prime vulnerabilities

CVE-2025-14596 [MEDIUM] CWE-427 CVE-2025-14596: Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Pro Installer (SFX) on Wi Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Pro Installer (SFX) on Windows allows Search Order Hijacking.This issue affects Quartus Prime Pro: from 24.1 through 24.3.1.

CVE-2025-14605 [MEDIUM] CWE-427 CVE-2025-14605: Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Pro on Windows (System Consol Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Pro on Windows (System Console modules) allows Search Order Hijacking.This issue affects Quartus Prime Pro: from 17.0 through 25.1.1.

CVE-2025-14612 [MEDIUM] CWE-377 CVE-2025-14612: Insecure Temporary File vulnerability in Altera Quartus Prime Pro  Installer (SFX) on Windows all Insecure Temporary File vulnerability in Altera Quartus Prime Pro Installer (SFX) on Windows allows : Use of Predictable File Names.This issue affects Quartus Prime Pro: from 24.1 through 25.1.1.

CVE-2025-14614 [MEDIUM] CWE-377 CVE-2025-14614: Insecure Temporary File vulnerability in Altera Quartus Prime Standard  Installer (SFX) on Window Insecure Temporary File vulnerability in Altera Quartus Prime Standard Installer (SFX) on Windows, Altera Quartus Prime Lite Installer (SFX) on Windows allows Explore for Predictable Temporary File Names.This issue affects Quartus Prime Standard: from 23.1 through 24.1; Quartus Prime Lite: from 23.1 through 24.1.

CVE-2025-14599 [MEDIUM] CWE-427 CVE-2025-14599: Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Standard Installer (SFX) o Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Standard Installer (SFX) on Windows, Altera Quartus Prime Lite Installer (SFX) on Windows allows Search Order Hijacking.This issue affects Quartus Prime Standard: from 23.1 through 24.1; Quartus Prime Lite: from 23.1 through 24.1.

CVE-2025-14625 [MEDIUM] CWE-427 CVE-2025-14625: Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Standard on Windows (Nios II Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Standard on Windows (Nios II Command Shell modules), Altera Quartus Prime Lite on Windows (Nios II Command Shell modules) allows Search Order Hijacking.This issue affects Quartus Prime Standard: from 19.1 through 24.1; Quartus Prime Lite: from 19.1 through 24.1.

CVE-2025-13665 [MEDIUM] CWE-427 CVE-2025-13665: The System Console Utility for Windows is vulnerable to a DLL planting vulnerability The System Console Utility for Windows is vulnerable to a DLL planting vulnerability

CVE-2025-13663 [MEDIUM] CWE-279 CVE-2025-13663: Under certain circumstances, the Quartus Prime Pro Installer for Windows does not check the permissi Under certain circumstances, the Quartus Prime Pro Installer for Windows does not check the permissions of the Quartus target installation directory if the target installation directory already exists.

CVE-2025-13664 [MEDIUM] CWE-427 CVE-2025-13664: A potential security vulnerability in Quartus® Prime Standard Edition Design Software may allow esca A potential security vulnerability in Quartus® Prime Standard Edition Design Software may allow escalation of privilege.

CVE-2025-13668 [MEDIUM] CWE-427 CVE-2025-13668: A potential security vulnerability in Quartus® Prime Pro Edition Design Software may allow escalatio A potential security vulnerability in Quartus® Prime Pro Edition Design Software may allow escalation of privilege.

CVE-2024-38383 [MEDIUM] CWE-427 CVE-2024-38383: Uncontrolled search path for some Intel(R) Quartus(R) Prime Pro Edition software for Windows before Uncontrolled search path for some Intel(R) Quartus(R) Prime Pro Edition software for Windows before version 24.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2024-38668 [MEDIUM] CWE-427 CVE-2024-38668: Uncontrolled search path for some Intel(R) Quartus(R) Prime Standard Edition software for Windows be Uncontrolled search path for some Intel(R) Quartus(R) Prime Standard Edition software for Windows before version 23.1.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2024-22184 [MEDIUM] CWE-427 CVE-2024-22184: Uncontrolled search path for some Intel(R) Quartus(R) Prime Pro Edition Design Software before versi Uncontrolled search path for some Intel(R) Quartus(R) Prime Pro Edition Design Software before version 24.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2024-23907 [MEDIUM] CWE-427 CVE-2024-23907: Uncontrolled search path in some Intel(R) High Level Synthesis Compiler software before version 23.4 Uncontrolled search path in some Intel(R) High Level Synthesis Compiler software before version 23.4 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2024-21809 [MEDIUM] CWE-92 CVE-2024-21809: Improper conditions check for some Intel(R) Quartus(R) Prime Lite Edition Design software before ver Improper conditions check for some Intel(R) Quartus(R) Prime Lite Edition Design software before version 23.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2024-21777 [MEDIUM] CWE-427 CVE-2024-21777: Uncontrolled search path in some Intel(R) Quartus(R) Prime Pro Edition Design software before versio Uncontrolled search path in some Intel(R) Quartus(R) Prime Pro Edition Design software before version 23.4 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2024-21862 [MEDIUM] CWE-427 CVE-2024-21862: Uncontrolled search path in some Intel(R) Quartus(R) Prime Standard Edition Design software before v Uncontrolled search path in some Intel(R) Quartus(R) Prime Standard Edition Design software before version 23.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2024-21837 [MEDIUM] CWE-427 CVE-2024-21837: Uncontrolled search path in some Intel(R) Quartus(R) Prime Lite Edition Design software before versi Uncontrolled search path in some Intel(R) Quartus(R) Prime Lite Edition Design software before version 23.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE-2023-24478 [MEDIUM] CWE-330 CVE-2023-24478: Use of insufficiently random values for some Intel Agilex(R) software included as part of Intel(R) Q Use of insufficiently random values for some Intel Agilex(R) software included as part of Intel(R) Quartus(R) Prime Pro Edition for linux before version 22.4 may allow an authenticated user to potentially enable information disclosure via local access.

CVE-2023-24016 [MEDIUM] CWE-427 CVE-2023-24016: Uncontrolled search path element in some Intel(R) Quartus(R) Prime Pro and Standard edition software Uncontrolled search path element in some Intel(R) Quartus(R) Prime Pro and Standard edition software for linux may allow an authenticated user to potentially enable escalation of privilege via local access.