CVE-2023-24478

MEDIUM

Intel Quartus Prime Pro <22.4 - Info Disclosure

Title source: llm

Description

Use of insufficiently random values for some Intel Agilex(R) software included as part of Intel(R) Quartus(R) Prime Pro Edition for linux before version 22.4 may allow an authenticated user to potentially enable information disclosure via local access.

References (1)

[Patch, Vendor Advisory] http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00850.html

Scores

CVSS v3 5.5

EPSS 0.0006

EPSS Percentile 19.2%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-330

Status published

Products (1)

intel/quartus_prime < 22.4

Published Aug 15, 2023

Tracked Since Feb 18, 2026