Vulnerability Details CVE-2026-9490
A security vulnerability has been identified in Acer Care Center where the ACCSvc service creates a Named Pipe with a weak Security Descriptor. This vulnerability allows an authenticated local user to connect and send a specially crafted message (message type 0x03) to the pipe, causing the service to crash with exit code 1067 (ERROR_PROCESS_ABORTED). To mitigate this potential local service disruption, Acer requires users to update the software to the latest version.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 2.4%
CVSS Severity
CVSS v3 Score 5.5
Products affected by CVE-2026-9490
-
cpe:2.3:a:acer:care_center:4.00.3000
-
cpe:2.3:a:acer:care_center:4.00.3038
-
cpe:2.3:a:acer:care_center:4.00.3042