CVE-2026-9490
EUVD-2026-3164825.05.2026, 08:16
A security vulnerability has been identified in Acer Care Center where the ACCSvc service creates a Named Pipe with a weak Security Descriptor. This vulnerability allows an authenticated local user to connect and send a specially crafted message (message type 0x03) to the pipe, causing the service to crash with exit code 1067 (ERROR_PROCESS_ABORTED). To mitigate this potential local service disruption, Acer requires users to update the software to the latest version.Enginsight
Affected Products (NVD)
| Vendor | Product | Version |
|---|---|---|
| acer | care_center | 𝑥 < 4.00.3060 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration