CNNVD-202601-1289 Information

Jan 07, 2026 cve

CNNVD ID

CNNVD-202601-1289

CVE-2025-14625

CNNVD Published: 2026-01-07

Description (Chinese)

Altera Quartus Prime Standard和Altera Quartus Prime Lite都是美国Altera公司的一个FPGA设计软件。 Altera Quartus Prime Standard和Altera Quartus Prime Lite存在安全漏洞，该漏洞源于Windows Nios II命令外壳模块存在不受控制的搜索路径元素，可能导致搜索顺序劫持。以下版本受到影响：Altera Quartus Prime Standard 19.1版本至24.1版本和Quartus Prime Lite 19.1版本至24.1版本。

Description (English)

Altera Quartus Prime Standard and Altera Quartus Prime Lite are all FPGA design software for Altera, United States. Altera Quartus Prime Standard and Altera Quartus Prime Lite have a security loophole, which stems from the uncontrolled search path elements of the Windows Nios II shell module, which may lead to a search sequence hijacking. The following versions were affected: Altera Quartus Prime Standard 19.1 to 24.1 and Quartus Prime Lite 19.1 to 24.1.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

altera

Published

2026-01-07

Last Modified

2026-02-24

References

https://www.altera.com/security/security-advisory/asa-0005 https://access.redhat.com/security/cve/cve-2025-14625

Patch

https://www.altera.com/products/development-tools/quartus

Share on: