CVE-2024-21837

Uncontrolled search path in some Intel(R) Quartus(R) Prime Lite Edition Design software before version 23.1 may allow an authenticated user to potentially enable escalation of privilege via local access.

Published: May 16, 2024
Updated: May 4, 2025
CVE: CVE-2024-21837
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.3
AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

CWEs:

CWE-427

Affected Software
References

Software	From	Fixed in
intel / quartus_prime	-	23.1

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01055.html

Vulnerability Database

290,020

CVE-2024-21837