Quartus Prime Pro CVEs and Security Vulnerabilities

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-22184	1 Intel	2 Quartus Prime, Quartus Prime Pro	2025-02-04	6.7 Medium
Uncontrolled search path for some Intel(R) Quartus(R) Prime Pro Edition Design Software before version 24.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2024-38383	2 Intel, Microsoft	3 Quartus Prime, Quartus Prime Pro, Windows	2025-02-04	6.7 Medium
Uncontrolled search path for some Intel(R) Quartus(R) Prime Pro Edition software for Windows before version 24.2 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2020-12312	1 Intel	3 Quartus Prime Pro, Stratix 10 Fpga, Stratix 10 Fpga Firmware	2024-11-21	6.8 Medium
Improper buffer restrictions in the Intel(R) Stratix(R) 10 FPGA firmware provided with the Intel(R) Quartus(R) Prime Pro software before version 20.2 may allow an unauthenticated user to potentially enable escalation of privilege via physical access.
CVE-2018-3688	1 Intel	1 Quartus Prime Programmer And Tools	2024-11-21	N/A
Unquoted service paths in Intel Quartus Prime Programmer and Tools in versions 15.1 - 18.0 allow a local attacker to potentially execute arbitrary code.

Page 1 of 1.