CVE-2025-13670
DLL Planting Vulnerability in High Level Synthesis i++ Compiler
Publication date: 2025-12-12
Last updated on: 2025-12-12
Assigner: Altera
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| high_level_synthesis_compiler | i++ | 4.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-427 | The product uses a fixed or controlled search path to find resources, but one or more locations in that path can be under the control of unintended actors. |
Attack-Flow Graph
AI Powered Q&A
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection involves checking for the presence of malicious DLLs in the search path used by the i++ command and the build.bat file. Specifically, inspect the directory "C:\quartus\bin64" and any directories involved in the DLL search path for unauthorized or suspicious DLL files. Since the vulnerability is related to DLL planting via uncontrolled search paths, commands like 'dir C:\quartus\bin64' in Windows Command Prompt or 'Get-ChildItem -Path C:\quartus\bin64 -Filter *.dll' in PowerShell can help identify unexpected DLLs. Additionally, reviewing permissions on the directory to ensure only system administrators have write access can help detect potential exploitation. [1]
Can you explain this vulnerability to me?
This vulnerability is a DLL planting issue in the High Level Synthesis Compiler i++ command for Windows. It means that an attacker could place a malicious DLL file in a location where the compiler might load it instead of the legitimate DLL, potentially leading to execution of malicious code.
How can this vulnerability impact me? :
The impact of this vulnerability could include unauthorized code execution with limited privileges, which may lead to compromise of system integrity, data corruption, or other malicious activities depending on the attacker's goals and the environment.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include replacing the vulnerable build.bat file with the secure version provided by Altera and restricting write permissions on the directory "C:\quartus\bin64" so that only system administrators have write access. These actions prevent attackers from placing malicious DLLs in the search path and exploiting the DLL planting vulnerability. Since no fixed version is available at the time of the advisory, these configuration changes are critical to reduce risk. [1]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided resources do not specify how this DLL planting vulnerability in the High Level Synthesis Compiler affects compliance with common standards and regulations such as GDPR or HIPAA.