What is CVE-2025-14596?

CVE-2025-14596 is a medium-severity vulnerability in Altera Quartus Prime Pro, classified under Uncontrolled Search Path Element. CVSS score: 6.7/10. Published 2026-01-06.

How severe is CVE-2025-14596?

Medium severity. CVSS v3 base score is 6.7 out of 10.

Vulnerability in Altera Quartus Prime Pro

CVE-2025-14596

Uncontrolled Search Path Element vulnerability in Altera Quartus Prime Pro Installer (SFX) on Windows allows Search Order Hijacking.This issue affects Quartus Prime Pro: from 24.1 through 24.3.1.

EPSS: 0.000 (1.7th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 6.7 (Medium). Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H.

Affected products

Altera Quartus Prime Pro — versions 24.1

Weakness classification (CWE)

CWE-427 — Uncontrolled Search Path Element

References

www.altera.com/security/security-advisory/asa-0004

Frequently asked questions

What is CVE-2025-14596?: CVE-2025-14596 is a medium-severity vulnerability in Altera Quartus Prime Pro, classified under Uncontrolled Search Path Element. CVSS score: 6.7/10. Published 2026-01-06.
How severe is CVE-2025-14596?: Medium severity. CVSS v3 base score is 6.7 out of 10.