Uncontrolled Search Path Vulnerability in Intel Quartus Prime Standard Edition Software
CVE-2022-27187

7.8HIGH

Key Information:

Vendor: Intel
Status: Intel(r) Quartus Prime Standard Edition Software
Vendor: CVE Published:; 11 November 2022

Summary

The Intel Quartus Prime Standard edition software, prior to version 21.1 Patch 0.02std, contains an uncontrolled search path element vulnerability. This flaw may allow an authenticated user to exploit local access to escalate privileges within the system, potentially compromising its security and integrity. Timely updates and patches are recommended to mitigate this risk.

Affected Version(s)

Intel(R) Quartus Prime Standard edition software before version 21.1 Patch 0.02std

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 11, 2022
Vulnerability Reserved
Apr 5, 2022