CVE-2025-13663

CVSS v3 6.7 MEDIUM

6.7^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 0.8 / Impact : 5.9

Attack Vector LOCAL

Attack Complexity HIGH

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

U

nder certain circumstances, the Quartus Prime Pro Installer for Windows does not check the permissions of the Quartus target installation directory if the target installation directory already exists.

References

Link	Resource
https://www.altera.com/security/security-advisory/asa-0001	Vendor Advisory

Configurations

Configuration 1 (hide)

AND

cpe:2.3:a:intel:quartus_prime:*:*:*:*:pro:*:*:*

cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

History

12 Jan 2026, 15:08

Type	Values Removed	Values Added
References	~~() https://www.altera.com/security/security-advisory/asa-0001 -~~	() https://www.altera.com/security/security-advisory/asa-0001 - Vendor Advisory
CPE		cpe:2.3:a:intel:quartus_prime:::::pro:::* cpe:2.3:o:microsoft:windows:-:::::::*
First Time		Intel Microsoft windows Intel quartus Prime Microsoft

12 Dec 2025, 15:17

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-12-11 21:15

Updated : 2026-01-12 15:08

NVD link : CVE-2025-13663

Mitre link : CVE-2025-13663

CVE.ORG link : CVE-2025-13663

JSON object : View

Products Affected

windows

quartus_prime

CWE

CWE-279

Incorrect Execution-Assigned Permissions

{"id": "CVE-2025-13663", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "04c0172e-9735-4a9d-a92a-fe01fa863447", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.7, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "REQUIRED", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "impactScore": 5.9, "exploitabilityScore": 0.8}], "cvssMetricV40": [{"type": "Secondary", "source": "04c0172e-9735-4a9d-a92a-fe01fa863447", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 5.4, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "ACTIVE", "attackComplexity": "HIGH", "attackRequirements": "PRESENT", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "published": "2025-12-11T21:15:46.307", "references": [{"url": "https://www.altera.com/security/security-advisory/asa-0001", "tags": ["Vendor Advisory"], "source": "04c0172e-9735-4a9d-a92a-fe01fa863447"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "04c0172e-9735-4a9d-a92a-fe01fa863447", "description": [{"lang": "en", "value": "CWE-279"}]}], "descriptions": [{"lang": "en", "value": "Under certain circumstances, the Quartus Prime Pro Installer for Windows does not check the permissions of the Quartus target installation directory if the target installation directory already exists."}], "lastModified": "2026-01-12T15:08:30.580", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:intel:quartus_prime:*:*:*:*:pro:*:*:*", "vulnerable": true, "matchCriteriaId": "465646C1-E706-4FAE-945B-45AAC9013F2A", "versionEndExcluding": "25.1"}], "operator": "OR"}, {"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*", "vulnerable": false, "matchCriteriaId": "A2572D17-1DE6-457B-99CC-64AFD54487EA"}], "operator": "OR"}], "operator": "AND"}], "sourceIdentifier": "04c0172e-9735-4a9d-a92a-fe01fa863447"}