Primary

Context

Altera Quartus Prime Standard and Lite Installers Insecure Temporary File Vulnerability

Vulnerability

Patched

A vulnerability allowing binary planting attacks has been identified in the Altera Quartus Prime Standard and Lite Edition Installers (SFX) for Windows, versions 23.1 prior to 24.1. This vulnerability arises from insecure temporary file handling, which could be exploited to escalate privileges. The issue is not present in the Linux versions of the software.

Impact

Exploitation of this vulnerability could lead to unauthorized privilege escalation.

Remediation

Users are advised to upgrade to the Quartus 25.1 Standard Edition installer or Quartus 25.1 Lite Edition installer. For those using older versions of Quartus Prime Standard or Lite, downloading the individual installation files directly from the Altera download page will avoid this issue, as these files are not affected by the vulnerability.

Added: Jan 7, 2026, 3:22 PM

Updated: Jan 7, 2026, 3:22 PM

Vulnerability Rating

Custom Algorithm

spread

2.4

impact

7.5

exploitability

3.3

remediation

7.7

relevance

1.9

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.4

impact

7.5

exploitability

3.3

remediation

7.7

relevance

1.9

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Altera Quartus Prime Standard and Lite Installers Insecure Temporary File Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Altera Quartus Prime Standard Edition Installer

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating