Vulnerability Database

314,342

Total vulnerabilities in the database

CVE-2022-27233

XML injection in the Quartus(R) Prime Programmer included in the Intel(R) Quartus Prime Pro and Standard edition software may allow an unauthenticated user to potentially enable information disclosure via network access.

Published: Nov 11, 2022
Updated: Nov 16, 2025
CVE: CVE-2022-27233
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.5
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

CWEs:

CWE-91

OWASP TOP 10:

A1 - Injection

Affected Software
References

Software	From	Fixed in
intel / quartus_prime	-	21.1.x
intel / quartus_prime	-	22.1

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00659.html

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo