CVE-2025-14612 | THREATINT

Description

Insecure Temporary File vulnerability in Altera Quartus Prime Pro Installer (SFX) on Windows allows : Use of Predictable File Names.This issue affects Quartus Prime Pro: from 24.1 through 25.1.1.

PUBLISHED Reserved 2025-12-12 | Published 2026-01-06 | Updated 2026-01-07 | Assigner Altera

MEDIUM: 5.4CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

MEDIUM: 6.7CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

Problem types

CWE-377: Insecure Temporary File

Product status

Default status

unaffected

24.1 (custom)

affected

References

www.altera.com/security/security-advisory/asa-0004

cve.org (CVE-2025-14612)

nvd.nist.gov (CVE-2025-14612)

Download JSON