Summary:
Unquoted service paths in the Intel® Quartus family of tools allows a local attacker to potentially execute arbitrary code.
Description:
The Joint Test Action Group (JTAG) server is vulnerable to replacement of required executables, which on reboot may be run with elevated privileges.
Affected products:
• Quartus II v11.0 – 15.0 (CVE-2018-3683)
• Quartus Prime v15.1 – 18.0 (CVE-2018-3684)
• Intel Quartus II Programmer and Tools v11.0 – 15.0 (CVE-2018-3687)
• Intel Quartus Prime Programmer and Tools v15.1 – 18.0 (CVE-2018-3688)
Recommendations:
Intel recommends for the affected products listed in this report, to run the patch found here: <https://www.altera.com/support/support-resources/knowledge-base/tools/2018/vulnerability-in-jtag-server-potentially-allows-a-local-attacker.html>
Or install Quartus Prime release v18.1 or later (when released; check availability here: <http://dl.altera.com/>), which already includes the update.
Acknowledgements:
Intel would like to thank SaifAllah benMassaoud for reporting this issue and working with us on coordinated disclosure.