Escalation of Privilege Vulnerability in Intel Quartus Prime Software
CVE-2024-42405

5.4MEDIUM

Key Information:

Vendor: Intel
Status: Intel(r) Quartus(r) Prime Software
Vendor: CVE Published:; 12 February 2025

What is CVE-2024-42405?

An uncontrolled search path vulnerability exists in Intel Quartus Prime Software versions prior to 23.1.1 Patch 1.01std. This flaw may allow an authenticated user with local access to manipulate system resources, potentially leading to escalation of privilege. It highlights the importance of strict validation checks in configuring paths to ensure that only authorized paths are utilized, safeguarding against unauthorized access and potential compromise of system integrity.

Affected Version(s)

Intel(R) Quartus(R) Prime Software before version 23.1.1 Patch 1.01std

References

https://intel.com/content/www/us/en/security-center/advis...

CVSS V4

Score:

5.4

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

High

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 12, 2025
Vulnerability Reserved
Aug 15, 2024