Vulnerability in Intel(r) High Level Synthesis Compiler Software For Quartus(r) Prime Pro Edition

CVE-2024-31407

Uncontrolled search path in some Intel(R) High Level Synthesis Compiler software for Intel(R) Quartus(R) Prime Pro Edition Software before version 24.1 may allow an authenticated user to potentially enable escalation of privilege via local…

EPSS: 0.002 (7.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.7 (Medium). Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H.

Affected products

  • N/a Intel(r) High Level Synthesis Compiler Software For Quartus(r) Prime Pro Edition — versions before version 24.1

Weakness classification (CWE)

References

Frequently asked questions

What is CVE-2024-31407?
CVE-2024-31407 is a medium-severity vulnerability in Intel(r) High Level Synthesis Compiler Software For Quartus(r) Prime Pro Edition, classified under Uncontrolled Search Path Element. CVSS score: 6.7/10. Published 2024-11-13.
How severe is CVE-2024-31407?
Medium severity. CVSS v3 base score is 6.7 out of 10.