CVE-2025-14599

MEDIUM

Altera Quartus Prime <24.1 - Buffer Overflow

Title source: llm

Description

Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Standard Installer (SFX) on Windows, Altera Quartus Prime Lite Installer (SFX) on Windows allows Search Order Hijacking.This issue affects Quartus Prime Standard: from 23.1 through 24.1; Quartus Prime Lite: from 23.1 through 24.1.

References (1)

[Vendor Advisory] https://www.altera.com/security/security-advisory/asa-0005

Scores

CVSS v3 6.7

EPSS 0.0001

EPSS Percentile 2.7%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

Classification

CWE

CWE-427

Status published

Affected Products (2)

intel/quartus_prime < 25.1

Timeline

Published Jan 07, 2026

Tracked Since Feb 18, 2026