Uncontrolled Search Path Vulnerability in Intel Quartus Prime Pro Software
CVE-2022-41693

6.7MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Quartus(r) Prime Pro Edition Software
Vendor: CVE Published:; 10 May 2023

Summary

The Intel Quartus Prime Pro software prior to version 22.3 is vulnerable to an uncontrolled search path flaw. This issue could allow an authenticated user to exploit local access, potentially leading to elevation of privileges within the system. It is crucial for users to update to the latest version to mitigate the risks associated with this vulnerability.

Affected Version(s)

Intel(R) Quartus(R) Prime Pro edition software before version 22.3

References

https://www.intel.com/content/www/us/en/security-center/a...

CVSS V3.1

Score:

6.7

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
May 10, 2023
Vulnerability Reserved
Oct 12, 2022