CVE-2025-14605 | THREATINT

Description

Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Pro on Windows (System Console modules) allows Search Order Hijacking.This issue affects Quartus Prime Pro: from 17.0 through 25.1.1.

PUBLISHED Reserved 2025-12-12 | Published 2026-01-06 | Updated 2026-01-07 | Assigner Altera

MEDIUM: 5.4CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

MEDIUM: 6.7CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

Problem types

CWE-427 Uncontrolled Search Path Element

Product status

Default status

unaffected

17.0 (custom)

affected

References

www.altera.com/security/security-advisory/asa-0004

cve.org (CVE-2025-14605)

nvd.nist.gov (CVE-2025-14605)

Download JSON