CVE-2025-13668 – A privilege escalation vulnerability in Quartus... (How to Fix)

Q: What is the severity of CVE-2025-13668?

CVE-2025-13668 has a CVSS score of 6.7 (MEDIUM). A privilege escalation vulnerability in Quartus Prime Pro Edition Design Software could allow local attackers to gain elevated privileges on affected systems. This affects users running vulnerable versions of the software on their workstations or servers.

📋 TL;DR

A privilege escalation vulnerability in Quartus Prime Pro Edition Design Software could allow local attackers to gain elevated privileges on affected systems. This affects users running vulnerable versions of the software on their workstations or servers.

💻 Affected Systems

Products:

Quartus Prime Pro Edition Design Software

Versions: Specific versions not detailed in advisory; check vendor advisory for exact affected versions

Operating Systems: Windows, Linux

Default Config Vulnerable: ⚠️ Yes

Notes: Affects both Windows and Linux versions. Users must have local access to exploit.

📦 What is this software?

Quartus Prime by Intel

View all CVEs affecting Quartus Prime →

⚠️ Risk & Real-World Impact

🔴

Worst Case

An attacker with local access could execute arbitrary code with SYSTEM/root privileges, potentially compromising the entire system and accessing sensitive design files.

🟠

Likely Case

Malicious users or malware could escalate privileges to install persistent backdoors, steal intellectual property, or pivot to other systems.

🟢

If Mitigated

With proper user access controls and network segmentation, impact would be limited to the local system and user's design files.

🌐 Internet-Facing: LOW - This is a local privilege escalation requiring access to the system running Quartus software.

🏢 Internal Only: MEDIUM - Internal users with access to Quartus workstations could exploit this, but requires local execution.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires local access and some technical knowledge. No public exploit code available at this time.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check Intel/Altera advisory for specific patched versions

Vendor Advisory: https://www.altera.com/security/security-advisory/asa-0001

Restart Required: Yes

Instructions:

1. Review Intel/Altera security advisory ASA-0001. 2. Download and install the latest patched version of Quartus Prime Pro Edition. 3. Restart the system after installation.

🔧 Temporary Workarounds

Restrict User Privileges

all

Run Quartus software with standard user privileges instead of administrative rights

Network Segmentation

all

Isolate Quartus workstations from critical network segments

🧯 If You Can't Patch

Implement strict access controls to limit who can run Quartus software
Monitor for unusual privilege escalation attempts using endpoint detection tools

🔍 How to Verify

Check if Vulnerable:

Check Quartus Prime Pro Edition version against Intel/Altera advisory ASA-0001

Check Version:

quartus --version (Linux) or check About in Quartus GUI (Windows)

Verify Fix Applied:

Verify installed version matches or exceeds patched version specified in advisory

📡 Detection & Monitoring

Log Indicators:

Unexpected privilege escalation events
Quartus processes running with elevated privileges

Network Indicators:

Unusual outbound connections from Quartus workstations

SIEM Query:

Process creation where parent_process contains 'quartus' and integrity_level changes

📊 Metadata

CVE ID: CVE-2025-13668

CVSS v3 Score: 6.7 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H

CWE: CWE-427

EPSS Score: 0.02% exploit probability (2.8th percentile)

Published: December 11, 2025

Last Updated: January 12, 2026

🔗 References

https://www.altera.com/security/security-advisory/asa-0001 Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-13668, you might also want to check these: