43 matches found
CVE-2022-21205
CVE-2022-21205 is an XML External Entity (XXE) vulnerability in Intel® Quartus® Prime Pro Edition’s DSP Builder Pro. Before version 21.3, an unauthenticated attacker could potentially disclose information via network access due to improper restriction of XML external entity references. Affected p...
CVE-2022-21203
Intel Quartus Prime Standard Edition before 21.1 and Pro Edition before 21.3 are affected by CVE-2022-21203 due to improper permissions in the SafeNet Sentinel driver, enabling escalation of privilege via local access for an authenticated user. Root cause is a local-permission issue in the driver...
CVE-2018-3683
Intel Quartus Prime (versions 15.1–18.0) is affected by CVE-2018-3683 due to unquoted service paths in the JTAG server executable, allowing a local attacker to potentially execute arbitrary code with elevated privileges. The Intel advisory INTEL-SA-00151 lists affected products and recommends app...
CVE-2021-44454
Intel’s advisory confirms CVE-2021-44454: a vulnerability in a third‑party component used by Intel® Quartus® Prime Pro Edition before 21.3, caused by improper input validation. The issue enables authenticated local escalation of privilege. Affected product: Intel® Quartus® Prime Pro Edition (befo...
CVE-2022-21174
CVE-2022-21174 involves improper access control in a third-party component used by Intel® Quartus® Prime Pro Edition prior to version 21.3, enabling a locally authenticated user to potentially escalate privileges. The vulnerability is documented across multiple sources (NVD, Red Hat, Intel adviso...
CVE-2022-21220
Intel Quartus Prime Pro Edition before 21.3 is affected by CVE-2022-21220 due to improper restriction of XML external entities (XXE) in the product. The issue could allow an authenticated user to escalate privileges via local access. Affected product is Intel® Quartus® Prime Pro Edition prior to ...
CVE-2024-21777
CVE-2024-21777 : Concrete details exist in connected sources. Intel Quartus Prime Pro Edition Design software is affected by an Uncontrolled search path issue that may allow an authenticated local user to escalate privileges. Affected product: Intel® Quartus® Prime Pro Edition Design software pri...
CVE-2022-21204
Intel Quartus Prime Pro Edition before 21.3 has an improper permissions issue that can allow an authenticated user to escalate privileges via local access. The Intel advisory also notes a separate path affecting Standard Edition up to 21.1. Remediation: upgrade Pro to 21.3+ (and Standard to 21.1+).
CVE-2019-0171
Intel Quartus installers are affected by CVE-2019-0171 due to improper directory permissions that could allow an authenticated user to escalate privileges via local access. Affected products include Intel® Quartus® Prime all versions 15.1–18.1 and Intel® Quartus® II 9.1–15.0. The underlying issue...
CVE-2024-21837
CVE-2024-21837 affects Intel Quartus Prime Lite Edition Design software prior to 23.1. Root cause: uncontrolled search path. Impact: authenticated local user may escalate privileges. Affected product: Intel Quartus Prime Lite Edition; Versions before 23.1. Mitigation: upgrade to version 23.1 or l...
CVE-2024-21862
CVE-2024-21862 concerns Intel’s Quartus Prime Standard Edition Design software prior to version 23.1, where an uncontrolled search path may allow an authenticated user to escalate privileges via local access. The issue is documented across multiple connected sources (NVD entry and Intel advisory)...
CVE-2019-14604
CVE-2019-14604 affects Intel’s Quartus Prime Pro Edition before version 19.3. The issue is a null pointer dereference in the FPGA kernel driver that may allow an authenticated local user to cause a denial of service. Intel’s advisory (INTEL-SA-00311) confirms affected products and recommends upda...
CVE-2024-21809
Intel Quadruples Prime Lite Edition before 23.1 is affected by CVE-2024-21809 due to an improper conditions check that could enable privilege escalation via local access for an authenticated user. The issue affects Intel® Quartus® Prime Lite Edition Design software prior to 23.1; colleagues also ...
CVE-2022-37329
The CVE-2022-37329 entry concerns an Uncontrolled search path in Intel Quartus Prime Pro and Standard Edition software that could enable privilege escalation via local access for an authenticated user. The connected Intel advisory (INTEL-SA-00728) confirms affected products and versions: Quartus ...
CVE-2022-34157
The CVE-2022-34157 issue is an Improper access control in Intel’s FPGA SDK for OpenCL within Intel Quartus Prime Pro Edition software prior to 22.1, enabling an authenticated local user to potentially escalate privileges. Affected products include Intel FPGA SDK for OpenCL and Quartus Prime Pro/S...
CVE-2024-38383
Intel® Quartus® Prime Pro Edition software for Windows before version 24.2 is affected by CVE-2024-38383 due to an uncontrolled search path, which may let an authenticated user escalate privileges via local access. Intel’s advisory recommends updating to version 24.2 or later to mitigate, with a ...
CVE-2022-26888
CVE-2022-26888 is an XSS vulnerability in Intel Quartus Prime Pro and Standard editions. An authenticated user may potentially disclose information via local access. Affected: Intel Quartus Prime Pro before 22.2 and Standard before 22.1STD. CVSSv3.1 base score currently listed as 4.1 (Medium); at...
CVE-2019-14603
Intel Quadru... wait, keep precise:
CVE-2022-32570
CVE-2022-32570 involves Improper authentication in Intel Quartus Prime Pro and Standard editions, enabling an authenticated local user to potentially escalate privileges. The issue affects Intel Quartus Prime Pro and Standard editions; root cause is authentication checks that can be bypassed to g...
CVE-2022-41693
The CVE-2022-41693 issue affects Intel Quartus Prime Pro edition software prior to version 22.3. The root cause is an uncontrolled search path vulnerability in the software, which could allow an authenticated local user to escalate privileges (CVE scope: local, with high impact on confidentiality...
CVE-2024-38668
CVE-2024-38668 affects Intel® Quartus® Prime Standard Edition software for Windows prior to 23.1.1. The issue is an uncontrolled search path that may allow an authenticated user to escalate privileges via local access. Mitigation: upgrade to version 23.1.1 or later. This is supported by Intel adv...
CVE-2024-23907
CVE-2024-23907 affects Intel High Level Synthesis Compiler software prior to version 23.4. The issue is an uncontrolled search path that could allow an authenticated user to escalate privileges with local access. Intel’s advisory (INTEL-SA-01113) lists affected products as Intel High Level Synthe...
CVE-2020-24454
CVE-2020-24454 describes an XXE exposure in Intel Quartus Prime subsystems. The flaw is an improper restriction of XML External Entity Reference that could allow an unauthenticated user to disclose information over the network. Affected products: Intel Quartus Prime Pro before 20.3 and Intel Quar...
CVE-2023-24478
The CVE-2023-24478 issue affects Intel’s Agilex software included in the Intel Quartus Prime Pro Edition for Linux prior to version 22.4. The root cause is the use of insufficiently random values in that software, which could enable information disclosure when an authenticated user local-accesses...
CVE-2022-27187
Intel Quartus Prime Standard edition (before 21.1 Patch 0.02std) is affected by CVE-2022-27187 due to an uncontrolled search path element. An authenticated user could potentially escalate privileges via local access. Impact is described as privilege escalation with local access; the advisory note...
CVE-2022-33892
CVE-2022-33892 describes a path traversal vulnerability in Intel® Quartus® Prime Pro and Standard edition software, potentially allowing an authenticated user to escalate privileges via local access. Intel discloses affected products as Quartus Prime Pro before version 22.2 and Standard before ve...
CVE-2022-27233
XML injection in the Intel Quartus Prime Programmer (Pro/Standard editions) is the root cause of CVE-2022-27233, potentially allowing an unauthenticated user to disclose information via network access. Affected: Quartus Prime Programmer Pro edition before 22.1 and Standard edition before 21.1 Pat...
CVE-2022-33902
CVE-2022-33902 concerns Intel Quartus Prime Pro and Standard edition software, where insufficient control flow management could allow an authenticated user to escalate privileges via local access. The Intel advisory INTEL-SA-00714 documents this CVE alongside related issues and provides mitigatio...
CVE-2022-26840
CVE-2022-26840 affects Intel Quartus Prime Pro and Standard edition software. The issue is due to improper neutralization, enabling an authenticated user to potentially escalate privileges via local access. Intel’s advisory (INTEL-SA-00714) notes mitigations via software updates and lists affecte...
CVE-2024-22184
CVE-2024-22184 affects Intel® Quartus® Prime Pro Edition Design Software prior to version 24.1. The weakness is an uncontrolled search path that may allow an authenticated user with local access to escalate privileges. Risk details in connected sources confirm the vulnerability is local and requi...
CVE-2020-8767
CVE-2020-8767 : Uncaught exception in the Intel 50GbE IP Core for Intel Quartus Prime before version 20.2 may allow an authenticated user to cause a denial of service via local access. Affected product: Intel® Quartus Prime before 20.2 (Intel 50GbE IP Core). Root cause: uncaught exception as desc...
CVE-2023-24016
CVE-2023-24016 affects Intel® Quartus® Prime Pro and Standard edition software for Linux, where an uncontrolled search path element could allow an authenticated user to escalate privileges via local access. Affected products are Intel Quartus Prime Pro (Linux) before version 22.4 and Standard bef...
CVE-2020-8737
The CVE-2020-8737 issue affects Intel Stratix 10 FPGA firmware shipped with Intel Quartus Prime Pro before version 20.1. The root cause is improper buffer restrictions, allowing an unauthenticated attacker with physical access to potentially escalate privileges and/or cause information disclosure...
CVE-2025-13668
Quartus Prime Pro Edition Design Software is cited as potentially allowing privilege escalation. The connected sources consistently reference Quartus Prime Pro Edition Design Software, but none of the provided documents specify affected versions, exact root cause, or a remediation. Public_DETAIL ...
CVE-2025-13665
Technical details about CVE-2025-13665 are not publicly provided in the supplied documents. Please monitor for updates from the vendor and security advisories.
CVE-2025-14612
The CVE-2025-14612 issue is confirmed in Altera Quartus Prime Pro Installer (SFX) on Windows, caused by the installer using predictable temporary file names. Affected: Quartus Prime Pro versions 24.1 through 25.1.1. Impact categories include risks from insecure temporary file handling. Remediatio...
CVE-2025-14596
CVE-2025-14596 affects Altera Quartus Prime Pro Installer (SFX) on Windows, with an Uncontrolled Search Path Element vulnerability that enables search order hijacking. Affected products/versions identified in connected docs: Quartus Prime Pro from 24.1 through 24.3.1. Root cause described as an u...
CVE-2025-14605
CVE-2025-14605 affects Altera Quartus Prime Pro on Windows, specifically System Console modules, with versions 17.0 through 25.1.1 vulnerable to an Uncontrolled Search Path Element, enabling a Search Order Hijacking scenario. The root cause is the presence of an uncontrolled search path element t...
CVE-2025-14625
CVE-2025-14625 concerns an Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Standard and Quartus Prime Lite for Windows, specifically in the Nios II Command Shell modules. Affected versions are Quartus Prime Standard and Lite 19.1 through 24.1. The issue enables Search Order...
CVE-2025-13664
Technical details are not publicly available in the provided documents; monitor for updates on CVE-2025-13664.
CVE-2025-14599
The CVE-2025-14599 entry concerns an Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Installer (SFX) for Windows. The issue affects Quartus Prime Standard (versions 23.1–24.1) and Quartus Prime Lite (versions 23.1–24.1) and can enable Search Order Hijacking due to an uncont...
CVE-2025-14614
CVE-2025-14614 concerns an insecure temporary file handling in Altera Quartus Prime installers on Windows (Standard Installer SFX and Lite Installer SFX). The underlying issue is predictable temporary file names used during installation, enabling potential exposure via local access. Affected prod...
CVE-2025-13663
CVE-2025-13663 concerns the Quartus Prime Pro Installer for Windows, where, under certain circumstances, the installer does not check the permissions of the target Quartus installation directory if the directory already exists. The issue is documented across multiple sources (NVD, Red Hat, CVE re...