CVE-2022-37329
First published: Thu Feb 16 2023(Updated: )
Uncontrolled search path in some Intel(R) Quartus(R) Prime Pro and Standard Edition software may allow an authenticated user to potentially enable escalation of privilege via local access.
Credit: secure@intel.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Intel Fpga Software Development Kit | <22.1 | |
| Intel Quartus Prime | <21.1 | |
| Intel Quartus Prime | <21.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID for this vulnerability is CVE-2022-37329.
What is the severity of CVE-2022-37329?
The severity of CVE-2022-37329 is high with a CVSS score of 7.3.
Which software is affected by CVE-2022-37329?
The Intel FPGA Software Development Kit, Intel Quartus Prime Standard Edition, and Intel Quartus Prime Pro Edition versions up to 22.1, 21.1, and 21.3 respectively, are affected by CVE-2022-37329.
What is the impact of CVE-2022-37329?
An authenticated user with local access may potentially enable escalation of privilege due to the uncontrolled search path vulnerability in the affected Intel Quartus Prime software.
How can the CVE-2022-37329 vulnerability be fixed?
To fix the CVE-2022-37329 vulnerability, it is recommended to update the affected Intel Quartus Prime and Intel FPGA Software Development Kit software to the latest versions available.
- collector/nvd-index
- agent/author
- agent/severity
- agent/weakness
- agent/references
- agent/tags
- agent/type
- agent/description
- agent/event
- agent/first-publish-date
- agent/last-modified-date
- agent/softwarecombine
- agent/remedy
- collector/mitre-cve
- source/MITRE
- vendor/intel
- canonical/intel fpga software development kit
- canonical/intel quartus prime