VYPR
Medium severity5.5NVD Advisory· Published May 25, 2026· Updated Jun 4, 2026

CVE-2026-9490

CVE-2026-9490

Description

A security vulnerability has been identified in Acer Care Center where the ACCSvc service creates a Named Pipe with a weak Security Descriptor. This vulnerability allows an authenticated local user to connect and send a specially crafted message (message type 0x03) to the pipe, causing the service to crash with exit code 1067 (ERROR_PROCESS_ABORTED). To mitigate this potential local service disruption, Acer requires users to update the software to the latest version.

Affected products

2
  • Acer/Care Center2 versions
    cpe:2.3:a:acer:care_center:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:acer:care_center:*:*:*:*:*:*:*:*range: <4.00.3060
    • (no CPE)

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.