Main Vulnerability Database Vulnerabilities #VU79565

Use of insufficiently random values in Intel Quartus Prime Pro - CVE-2023-24478

Published: August 15, 2023

Vulnerability identifier: #VU79565

CSH Severity: Low

CVSSv4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear

CVE-ID: CVE-2023-24478

CWE-ID: CWE-330

Exploitation vector: Local access

Exploit availability: No public exploit available

Vulnerable software:
Intel Quartus Prime Pro

Software vendor:
Intel

Description

The vulnerability allows a local user to gain access to sensitive information.

The vulnerability exists due to usage of insufficiently random values for some Intel Agilex software included as part of Intel Quartus Prime Pro Edition for Linux. A local user can gain access to sensitive information.

Remediation

Install updates from vendor's website.

External links

http://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00850.html

Use of insufficiently random values in Intel Quartus Prime Pro - CVE-2023-24478

Description

Remediation

External links

Please verify you're human