Login Sign Up

CVE-2020-24481

7.8 HIGH

📋 TL;DR

This vulnerability in Intel Quartus Prime software allows authenticated local users to escalate privileges due to insecure inherited permissions. It affects users of Intel Quartus Prime Pro and Standard editions on Windows systems. Attackers could gain higher system privileges than intended.

💻 Affected Systems

Products:
  • Intel Quartus Prime Pro Edition
  • Intel Quartus Prime Standard Edition
Versions: Versions before 20.3
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects Windows installations. Linux versions are not affected.

📦 What is this software?

Quartus by Intel

View all CVEs affecting Quartus →

Quartus by Intel

View all CVEs affecting Quartus →

⚠️ Risk & Real-World Impact

🔴

Worst Case

An authenticated attacker could gain SYSTEM/administrator privileges on the Windows host, enabling complete system compromise, data theft, and persistence.

🟠

Likely Case

Local authenticated users could elevate privileges to install malicious software, modify system configurations, or access restricted data.

🟢

If Mitigated

With proper access controls and least privilege principles, impact is limited to the specific user account and Quartus installation.

🌐 Internet-Facing: LOW - This requires local authenticated access, not directly exploitable over network.
🏢 Internal Only: HIGH - Any authenticated user on affected systems could potentially exploit this vulnerability.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Requires local authenticated access. Exploitation likely involves manipulating file permissions or registry keys.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Version 20.3 and later

Vendor Advisory: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00451.html

Restart Required: Yes

Instructions:

1. Download Intel Quartus Prime version 20.3 or later from Intel website. 2. Uninstall previous version. 3. Install updated version. 4. Restart system.

🔧 Temporary Workarounds

Restrict user permissions

windows

Apply strict access controls to Quartus installation directories and registry keys

icacls "C:\Program Files\Intel\Quartus" /inheritance:r /grant:r "Users:(RX)" /grant:r "Administrators:(F)"
icacls "C:\ProgramData\Intel\Quartus" /inheritance:r /grant:r "Users:(RX)" /grant:r "Administrators:(F)"

Remove unnecessary user access

windows

Remove Quartus access from non-administrative users who don't require it

Remove users from local groups with Quartus access

🧯 If You Can't Patch

  • Implement strict least privilege access controls for Quartus directories and registry
  • Monitor for privilege escalation attempts and restrict user access to only necessary systems

🔍 How to Verify

Check if Vulnerable:

Check Quartus version via Help > About in application or registry: HKEY_LOCAL_MACHINE\SOFTWARE\Intel\Quartus\Version

Check Version:

reg query "HKLM\SOFTWARE\Intel\Quartus" /v Version

Verify Fix Applied:

Confirm version is 20.3 or later and verify directory permissions are properly restricted

📡 Detection & Monitoring

Log Indicators:

  • Windows Security event logs showing privilege escalation attempts
  • Access to Quartus directories by non-admin users
  • Registry modifications to Quartus keys

Network Indicators:

  • No network indicators - local privilege escalation only

SIEM Query:

EventID=4672 AND ProcessName LIKE '%quartus%' OR EventID=4688 AND NewProcessName LIKE '%quartus%' AND SubjectUserName != 'SYSTEM'

📊 Metadata

CVE ID: CVE-2020-24481
CVSS v3 Score: 7.8 (HIGH)
CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Published: February 17, 2021
Last Updated: November 21, 2024

🔗 References

📤 Share & Export

📄 Export Markdown 📋 Export JSON