CVE-2025-13669
Search Order Hijacking in Altera HLS Compiler on Windows

Publication date: 2025-12-12

Last updated on: 2025-12-12

Assigner: Altera

Description
Uncontrolled Search Path Element vulnerability in Altera High Level Synthesis Compiler on Windows allows Search Order Hijacking. This issue affects High Level Synthesis Compiler: from 19.1 through 24.3.
Meta Information
Published: 2025-12-12
Last Modified: 2025-12-12
Generated: 2026-05-07
AI Q&A: 2025-12-12
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Showing 2 associated CPEs
Vendor | Product | Version / Range
altera | high_level_synthesis_compiler | 19.1
altera | high_level_synthesis_compiler | 24.3
CWE ID | Description
CWE-427 | The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors.
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is an Uncontrolled Search Path Element issue in the Altera High Level Synthesis Compiler on Windows. It allows Search Order Hijacking, meaning an attacker could manipulate the order in which the system searches for executable files or libraries, potentially causing the system to load malicious code instead of the intended files. This affects versions from 19.1 through 24.3 of the compiler.


How can this vulnerability impact me?

The vulnerability can allow an attacker with limited privileges to hijack the search order for executable files or libraries, potentially leading to execution of malicious code with the privileges of the affected application. This can result in confidentiality, integrity, and availability impacts on the system running the Altera High Level Synthesis Compiler.


How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

The provided resources do not specify how this vulnerability affects compliance with common standards and regulations such as GDPR or HIPAA.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

Detection involves checking for the presence of the vulnerable build.bat file in design examples and verifying if the directory "C:\quartus\bin64" has improper write permissions that allow non-administrators to modify it. Since the vulnerability is related to DLL planting via uncontrolled search path elements on Windows, you can look for suspicious DLL files in the working directories used by the High Level Synthesis Compiler. Specific commands are not provided in the advisory, but you can use Windows commands such as "icacls C:\quartus\bin64" to check directory permissions and "dir /a" in relevant directories to look for unexpected DLL files. [1]
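
The two checks described above, written as a read-only PowerShell audit. This is an added example, not code from the Altera advisory or from this page; the trusted-SID list and the `$WorkDirs` parameter are assumptions to adjust locally, and it does not inspect build.bat because the page gives no way to identify the vulnerable version.

```powershell
# Added example: read-only audit, changes nothing on disk.
param(
    [string]$BinDir = 'C:\quartus\bin64',  # directory named in the text above
    [string[]]$WorkDirs = @()              # assumption: HLS working directories you supply
)

# Principals expected to hold write access (an assumption; adjust to local policy).
$trustedSids = @(
    'S-1-5-18',        # NT AUTHORITY\SYSTEM
    'S-1-5-32-544',    # BUILTIN\Administrators
    'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'  # TrustedInstaller
)

# Specific and generic rights that allow creating or replacing files in a directory.
$rights = [System.Security.AccessControl.FileSystemRights]'WriteData, AppendData, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership'
$writeMask = [int]$rights -bor 0x10000000 -bor 0x40000000  # GENERIC_ALL, GENERIC_WRITE

function Get-NonAdminWriteAce {
    param([Parameter(Mandatory)][string]$Path)
    $sidType = [System.Security.Principal.SecurityIdentifier]
    foreach ($ace in (Get-Acl -LiteralPath $Path).GetAccessRules($true, $true, $sidType)) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        # Inherit-only entries apply to children, not to this directory itself.
        if ($ace.PropagationFlags -band [System.Security.AccessControl.PropagationFlags]::InheritOnly) { continue }
        if (([int]$ace.FileSystemRights -band $writeMask) -eq 0) { continue }
        if ($trustedSids -contains $ace.IdentityReference.Value) { continue }
        $name = try { $ace.IdentityReference.Translate([System.Security.Principal.NTAccount]).Value } catch { $ace.IdentityReference.Value }
        [pscustomobject]@{ Path = $Path; Account = $name; Rights = $ace.FileSystemRights }
    }
}

if (Test-Path -LiteralPath $BinDir) {
    $findings = @(Get-NonAdminWriteAce -Path $BinDir)
    if ($findings) { $findings | Format-Table -AutoSize }
    else { "No non-administrator write access found on $BinDir" }
} else { "$BinDir not found on this host" }

# Equivalent of "dir /a": list DLLs (including hidden ones) for manual review.
foreach ($dir in $WorkDirs) {
    Get-ChildItem -LiteralPath $dir -Filter *.dll -File -Force -ErrorAction SilentlyContinue |
        Select-Object FullName, LastWriteTime,
            @{ n = 'Signature'; e = { (Get-AuthenticodeSignature -LiteralPath $_.FullName).Status } }
}
```

An empty result covers only the access entries on the directory itself; its owner and its parent directories are not examined.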


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include replacing the vulnerable build.bat file with the secure version provided by Altera and restricting write permissions on the directory "C:\quartus\bin64" so that only system administrators have write access. These steps help prevent DLL planting attacks by controlling the search path and limiting who can place malicious DLLs in critical directories. [1]

