Improper XML External Entity Restrictions in Intel Quartus Prime Editions
CVE-2020-24454

7.5HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Quartus(r) Prime Pro Edition And Intel(r) Quartus(r) Prime Standard Edition
Vendor: CVE Published:; 12 November 2020

What is CVE-2020-24454?

The vulnerability arises from improper handling of XML External Entity (XXE) references in the Intel Quartus Prime Pro and Standard Editions. This flaw allows an unauthenticated user to exploit the system via network access, potentially leading to unauthorized information disclosure. Users of affected versions should upgrade to the latest releases to mitigate the security risk.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Intel(R) Quartus(R) Prime Pro Edition and Intel(R) Quartus(R) Prime Standard Edition Intel(R) Quartus(R) Prime Pro Edition before version 20.3 and Intel(R) Quartus(R) Prime Standard Edition before version 20.2

References

https://www.intel.com/content/www/us/en/security-center/a...

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 12, 2020
Vulnerability Reserved
Aug 19, 2020

JSON

Intel

What is CVE-2020-24454?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.