{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2025-14614","assignerOrgId":"04c0172e-9735-4a9d-a92a-fe01fa863447","state":"PUBLISHED","assignerShortName":"Altera","dateReserved":"2025-12-12T20:46:03.303Z","datePublished":"2026-01-06T21:38:05.375Z","dateUpdated":"2026-01-06T21:49:00.340Z"},"containers":{"cna":{"affected":[{"defaultStatus":"unaffected","modules":["Installer"],"platforms":["Windows"],"product":"Quartus Prime Standard","vendor":"Altera","versions":[{"lessThanOrEqual":"24.1","status":"affected","version":"23.1","versionType":"custom"}]},{"defaultStatus":"unaffected","modules":["Installer"],"platforms":["Windows"],"product":"Quartus Prime Lite","vendor":"Altera","versions":[{"lessThanOrEqual":"24.1","status":"affected","version":"23.1","versionType":"custom"}]}],"cpeApplicability":[{"nodes":[{"cpeMatch":[{"criteria":"cpe:2.3:a:altera:quartus_prime_standard:*:*:windows:*:*:*:*:*","versionEndIncluding":"24.1","versionStartIncluding":"23.1","vulnerable":true}],"negate":false,"operator":"OR"},{"cpeMatch":[{"criteria":"cpe:2.3:a:altera:quartus_prime_lite:*:*:windows:*:*:*:*:*","versionEndIncluding":"24.1","versionStartIncluding":"23.1","vulnerable":true}],"negate":false,"operator":"OR"}],"operator":"OR"}],"descriptions":[{"lang":"en","supportingMedia":[{"base64":false,"type":"text/html","value":"Insecure Temporary File vulnerability in Altera Quartus Prime Standard \n\nInstaller (SFX)\n\n on Windows, Altera Quartus Prime Lite \n\nInstaller (SFX)\n\n on Windows allows Explore for Predictable Temporary File Names.

This issue affects Quartus Prime Standard: from 23.1 through 24.1; Quartus Prime Lite: from 23.1 through 24.1.

"}],"value":"Insecure Temporary File vulnerability in Altera Quartus Prime Standard \n\nInstaller (SFX)\n\n on Windows, Altera Quartus Prime Lite \n\nInstaller (SFX)\n\n on Windows allows Explore for Predictable Temporary File Names.This issue affects Quartus Prime Standard: from 23.1 through 24.1; Quartus Prime Lite: from 23.1 through 24.1."}],"impacts":[{"capecId":"CAPEC-149","descriptions":[{"lang":"en","value":"CAPEC-149 Explore for Predictable Temporary File Names"}]}],"metrics":[{"cvssV4_0":{"Automatable":"NOT_DEFINED","Recovery":"NOT_DEFINED","Safety":"NOT_DEFINED","attackComplexity":"HIGH","attackRequirements":"PRESENT","attackVector":"LOCAL","baseScore":5.4,"baseSeverity":"MEDIUM","exploitMaturity":"NOT_DEFINED","privilegesRequired":"LOW","providerUrgency":"NOT_DEFINED","subAvailabilityImpact":"NONE","subConfidentialityImpact":"NONE","subIntegrityImpact":"NONE","userInteraction":"ACTIVE","valueDensity":"NOT_DEFINED","vectorString":"CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N","version":"4.0","vulnAvailabilityImpact":"HIGH","vulnConfidentialityImpact":"HIGH","vulnIntegrityImpact":"HIGH","vulnerabilityResponseEffort":"NOT_DEFINED"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]},{"cvssV3_1":{"attackComplexity":"HIGH","attackVector":"LOCAL","availabilityImpact":"HIGH","baseScore":6.7,"baseSeverity":"MEDIUM","confidentialityImpact":"HIGH","integrityImpact":"HIGH","privilegesRequired":"LOW","scope":"UNCHANGED","userInteraction":"REQUIRED","vectorString":"CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H","version":"3.1"},"format":"CVSS","scenarios":[{"lang":"en","value":"GENERAL"}]}],"problemTypes":[{"descriptions":[{"cweId":"CWE-377","description":"CWE-377: Insecure Temporary File","lang":"en","type":"CWE"}]}],"providerMetadata":{"orgId":"04c0172e-9735-4a9d-a92a-fe01fa863447","shortName":"Altera","dateUpdated":"2026-01-06T21:38:05.375Z"},"references":[{"url":"https://www.altera.com/security/security-advisory/asa-0005"}],"source":{"discovery":"UNKNOWN"},"title":"Quartus® Prime Standard and Quartus® Prime Lite Security Advisory","x_generator":{"engine":"Vulnogram 0.5.0"}},"adp":[{"metrics":[{"other":{"type":"ssvc","content":{"timestamp":"2026-01-06T21:48:49.532347Z","id":"CVE-2025-14614","options":[{"Exploitation":"none"},{"Automatable":"no"},{"Technical Impact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}}],"title":"CISA ADP Vulnrichment","providerMetadata":{"orgId":"134c704f-9b21-4f2e-91b3-4a467353bcc0","shortName":"CISA-ADP","dateUpdated":"2026-01-06T21:49:00.340Z"}}]}}