{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-14614", "assignerOrgId": "04c0172e-9735-4a9d-a92a-fe01fa863447", "state": "PUBLISHED", "assignerShortName": "Altera", "dateReserved": "2025-12-12T20:46:03.303Z", "datePublished": "2026-01-06T21:38:05.375Z", "dateUpdated": "2026-01-06T21:49:00.340Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "modules": ["Installer"], "platforms": ["Windows"], "product": "Quartus Prime Standard", "vendor": "Altera", "versions": [{"lessThanOrEqual": "24.1", "status": "affected", "version": "23.1", "versionType": "custom"}]}, {"defaultStatus": "unaffected", "modules": ["Installer"], "platforms": ["Windows"], "product": "Quartus Prime Lite", "vendor": "Altera", "versions": [{"lessThanOrEqual": "24.1", "status": "affected", "version": "23.1", "versionType": "custom"}]}], "cpeApplicability": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:altera:quartus_prime_standard:*:*:windows:*:*:*:*:*", "versionEndIncluding": "24.1", "versionStartIncluding": "23.1", "vulnerable": true}], "negate": false, "operator": "OR"}, {"cpeMatch": [{"criteria": "cpe:2.3:a:altera:quartus_prime_lite:*:*:windows:*:*:*:*:*", "versionEndIncluding": "24.1", "versionStartIncluding": "23.1", "vulnerable": true}], "negate": false, "operator": "OR"}], "operator": "OR"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Insecure Temporary File vulnerability in Altera Quartus Prime Standard&nbsp;\n\n<span style=\"background-color: rgb(255, 255, 255);\">Installer (SFX)</span>\n\n on Windows, Altera Quartus Prime Lite&nbsp;\n\n<span style=\"background-color: rgb(255, 255, 255);\">Installer (SFX)</span>\n\n on Windows allows Explore for Predictable Temporary File Names.<p>This issue affects Quartus Prime Standard: from 23.1 through 24.1; Quartus Prime Lite: from 23.1 through 24.1.</p>"}], "value": "Insecure Temporary File vulnerability in Altera Quartus Prime Standard\u00a0\n\nInstaller (SFX)\n\n on Windows, Altera Quartus Prime Lite\u00a0\n\nInstaller (SFX)\n\n on Windows allows Explore for Predictable Temporary File Names.This issue affects Quartus Prime Standard: from 23.1 through 24.1; Quartus Prime Lite: from 23.1 through 24.1."}], "impacts": [{"capecId": "CAPEC-149", "descriptions": [{"lang": "en", "value": "CAPEC-149 Explore for Predictable Temporary File Names"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "attackVector": "LOCAL", "baseScore": 5.4, "baseSeverity": "MEDIUM", "exploitMaturity": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "ACTIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-377", "description": "CWE-377: Insecure Temporary File", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "04c0172e-9735-4a9d-a92a-fe01fa863447", "shortName": "Altera", "dateUpdated": "2026-01-06T21:38:05.375Z"}, "references": [{"url": "https://www.altera.com/security/security-advisory/asa-0005"}], "source": {"discovery": "UNKNOWN"}, "title": "Quartus\u00ae Prime Standard and Quartus\u00ae Prime Lite Security Advisory", "x_generator": {"engine": "Vulnogram 0.5.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-01-06T21:48:49.532347Z", "id": "CVE-2025-14614", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-06T21:49:00.340Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-14614", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-01-06T21:48:49.532347Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-01-06T21:48:54.196Z"}}], "cna": {"title": "Quartus\u00ae Prime Standard and Quartus\u00ae Prime Lite Security Advisory", "source": {"discovery": "UNKNOWN"}, "impacts": [{"capecId": "CAPEC-149", "descriptions": [{"lang": "en", "value": "CAPEC-149 Explore for Predictable Temporary File Names"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 5.4, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "ACTIVE", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.7, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Altera", "modules": ["Installer"], "product": "Quartus Prime Standard", "versions": [{"status": "affected", "version": "23.1", "versionType": "custom", "lessThanOrEqual": "24.1"}], "platforms": ["Windows"], "defaultStatus": "unaffected"}, {"vendor": "Altera", "modules": ["Installer"], "product": "Quartus Prime Lite", "versions": [{"status": "affected", "version": "23.1", "versionType": "custom", "lessThanOrEqual": "24.1"}], "platforms": ["Windows"], "defaultStatus": "unaffected"}], "references": [{"url": "https://www.altera.com/security/security-advisory/asa-0005"}], "x_generator": {"engine": "Vulnogram 0.5.0"}, "descriptions": [{"lang": "en", "value": "Insecure Temporary File vulnerability in Altera Quartus Prime Standard\u00a0\n\nInstaller (SFX)\n\n on Windows, Altera Quartus Prime Lite\u00a0\n\nInstaller (SFX)\n\n on Windows allows Explore for Predictable Temporary File Names.This issue affects Quartus Prime Standard: from 23.1 through 24.1; Quartus Prime Lite: from 23.1 through 24.1.", "supportingMedia": [{"type": "text/html", "value": "Insecure Temporary File vulnerability in Altera Quartus Prime Standard&nbsp;\n\n<span style=\"background-color: rgb(255, 255, 255);\">Installer (SFX)</span>\n\n on Windows, Altera Quartus Prime Lite&nbsp;\n\n<span style=\"background-color: rgb(255, 255, 255);\">Installer (SFX)</span>\n\n on Windows allows Explore for Predictable Temporary File Names.<p>This issue affects Quartus Prime Standard: from 23.1 through 24.1; Quartus Prime Lite: from 23.1 through 24.1.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-377", "description": "CWE-377: Insecure Temporary File"}]}], "cpeApplicability": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:altera:quartus_prime_standard:*:*:windows:*:*:*:*:*", "vulnerable": true, "versionEndIncluding": "24.1", "versionStartIncluding": "23.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:altera:quartus_prime_lite:*:*:windows:*:*:*:*:*", "vulnerable": true, "versionEndIncluding": "24.1", "versionStartIncluding": "23.1"}], "operator": "OR"}], "operator": "OR"}], "providerMetadata": {"orgId": "04c0172e-9735-4a9d-a92a-fe01fa863447", "shortName": "Altera", "dateUpdated": "2026-01-06T21:38:05.375Z"}}}, "cveMetadata": {"cveId": "CVE-2025-14614", "state": "PUBLISHED", "dateUpdated": "2026-01-06T21:49:00.340Z", "dateReserved": "2025-12-12T20:46:03.303Z", "assignerOrgId": "04c0172e-9735-4a9d-a92a-fe01fa863447", "datePublished": "2026-01-06T21:38:05.375Z", "assignerShortName": "Altera"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Insecure Temporary File vulnerability in Altera Quartus Prime Standard\u00a0\n\nInstaller (SFX)\n\n on Windows, Altera Quartus Prime Lite\u00a0\n\nInstaller (SFX)\n\n on Windows allows Explore for Predictable Temporary File Names.This issue affects Quartus Prime Standard: from 23.1 through 24.1; Quartus Prime Lite: from 23.1 through 24.1."}], "id": "CVE-2025-14614", "lastModified": "2026-01-07T12:16:55.467", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 5.9, "source": "04c0172e-9735-4a9d-a92a-fe01fa863447", "type": "Secondary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "ACTIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "04c0172e-9735-4a9d-a92a-fe01fa863447", "type": "Secondary"}]}, "published": "2026-01-07T12:16:55.467", "references": [{"source": "04c0172e-9735-4a9d-a92a-fe01fa863447", "url": "https://www.altera.com/security/security-advisory/asa-0005"}], "sourceIdentifier": "04c0172e-9735-4a9d-a92a-fe01fa863447", "vulnStatus": "Received", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-377"}], "source": "04c0172e-9735-4a9d-a92a-fe01fa863447", "type": "Secondary"}]}

{}

{}