Quartus® Prime Standard and Quartus® Prime Lite Security Advisory

5.4 / 10

MEDIUM

CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Description

Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Standard on Windows (Nios II Command Shell modules), Altera Quartus Prime Lite on Windows (Nios II Command Shell modules) allows Search Order Hijacking.This issue affects Quartus Prime Standard: from 19.1 through 24.1; Quartus Prime Lite: from 19.1 through 24.1.

Basic Information

ID CVE-2025-14625

Source Altera

Published Jan 6, 2026 at 21:42

Modified Jan 6, 2026 at 21:49

Affected Product

Vendor Altera

Product Quartus Prime Standard

Version 19.1

Affected Versions Altera Quartus Prime Standard 19.1
Altera Quartus Prime Lite 19.1

CWE Classification

CWE-427

References

www.altera.com /security/security-advisory/asa-0005

{
    "lastseen": "",
    "description": "Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Standard on Windows (Nios II Command Shell modules), Altera Quartus Prime Lite on Windows (Nios II Command Shell modules) allows Search Order Hijacking.This issue affects Quartus Prime Standard: from 19.1 through 24.1; Quartus Prime Lite: from 19.1 through 24.1.",
    "published": "2026-01-06T21:42:28.480Z",
    "modified": "2026-01-06T21:49:33.995Z",
    "type": "cve",
    "title": "Quartus\u00ae Prime Standard and Quartus\u00ae Prime Lite Security Advisory",
    "source": "Altera",
    "references": "https://www.altera.com/security/security-advisory/asa-0005",
    "id": "CVE-2025-14625",
    "bulletinFamily": "",
    "cwe": [
        "CWE-427"
    ],
    "cvelist": null,
    "sourceData": "Altera Quartus Prime Standard 19.1\nAltera Quartus Prime Lite 19.1",
    "sourceHref": "",
    "cvss": {
        "score": 5.4,
        "severity": "MEDIUM",
        "vector": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Quartus Prime Standard",
    "version": "19.1",
    "vendor": "Altera",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Quartus® Prime Standard and Quartus® Prime Lite Security Advisory_CVE-2025-14625