CVE-2022-21204 – This vulnerability in Intel Quartus Prime Pro E... (How to Fix)

Q: What is the severity of CVE-2022-21204?

CVE-2022-21204 has a CVSS score of 7.8 (HIGH). This vulnerability in Intel Quartus Prime Pro Edition allows authenticated local users to escalate privileges due to improper file permissions. Attackers could gain elevated system access on affected installations. Only users running vulnerable versions of this specific Intel software are affected.

📋 TL;DR

This vulnerability in Intel Quartus Prime Pro Edition allows authenticated local users to escalate privileges due to improper file permissions. Attackers could gain elevated system access on affected installations. Only users running vulnerable versions of this specific Intel software are affected.

💻 Affected Systems

Products:

Intel Quartus Prime Pro Edition

Versions: All versions before 21.3

Operating Systems: Windows, Linux

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects Quartus Prime Pro Edition, not Standard Edition. Requires local authenticated access.

📦 What is this software?

Quartus Prime by Intel

View all CVEs affecting Quartus Prime →

⚠️ Risk & Real-World Impact

🔴

Worst Case

An authenticated attacker gains full administrative/root privileges on the system, potentially compromising the entire host and adjacent systems.

🟠

Likely Case

Local users with standard privileges gain elevated access to modify system files, install malware, or access restricted data.

🟢

If Mitigated

With proper access controls and least privilege principles, impact is limited to the Quartus Prime application scope.

🌐 Internet-Facing: LOW - Requires local authenticated access, not remotely exploitable.

🏢 Internal Only: HIGH - Local privilege escalation vulnerabilities are serious threats in multi-user environments or shared workstations.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: LOW

Local privilege escalation typically has low complexity once initial access is obtained. No public exploit code identified.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 21.3 or later

Vendor Advisory: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00632.html

Restart Required: Yes

Instructions:

1. Download Quartus Prime Pro Edition version 21.3 or later from Intel website. 2. Uninstall previous version. 3. Install updated version. 4. Restart system.

🔧 Temporary Workarounds

Restrict Local Access

all

Limit local user access to systems running Quartus Prime to trusted personnel only.

Apply Least Privilege

all

Ensure Quartus Prime users operate with minimal necessary privileges.

🧯 If You Can't Patch

Isolate affected systems from critical networks and sensitive data
Implement strict access controls and monitor for suspicious privilege escalation attempts

🔍 How to Verify

Check if Vulnerable:

Check Quartus Prime version via Help > About in the application or check installed programs list.

Check Version:

On Windows: Check Programs and Features. On Linux: Check package manager or installation directory.

Verify Fix Applied:

Confirm version is 21.3 or later in application or system programs list.

📡 Detection & Monitoring

Log Indicators:

Unexpected privilege escalation events
Quartus Prime process spawning with elevated privileges
File permission changes in Quartus directories

Network Indicators:

None - local-only vulnerability

SIEM Query:

Process creation where parent process contains 'quartus' and privilege level changes

📊 Metadata

CVE ID: CVE-2022-21204

CVSS v3 Score: 7.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CWE: CWE-276

Published: February 9, 2022

Last Updated: May 5, 2025

🔗 References

https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00632.html Vendor Advisory
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00632.html Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2022-21204, you might also want to check these: