Vulnerability in Intel(r) High Level Synthesis Compiler Software For Quartus(r) Prime Pro Edition
CVE-2024-31407
Uncontrolled search path in some Intel(R) High Level Synthesis Compiler software for Intel(R) Quartus(R) Prime Pro Edition Software before version 24.1 may allow an authenticated user to potentially enable escalation of privilege via local…
EPSS: 0.002 (7.3th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 6.7 (Medium). Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H.
Affected products
- N/a Intel(r) High Level Synthesis Compiler Software For Quartus(r) Prime Pro Edition — versions before version 24.1
Weakness classification (CWE)
References
Frequently asked questions
- What is CVE-2024-31407?
- CVE-2024-31407 is a medium-severity vulnerability in Intel(r) High Level Synthesis Compiler Software For Quartus(r) Prime Pro Edition, classified under Uncontrolled Search Path Element. CVSS score: 6.7/10. Published 2024-11-13.
- How severe is CVE-2024-31407?
- Medium severity. CVSS v3 base score is 6.7 out of 10.