Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools

#8fc372e3-d9c5-46e4-9410-38469745c639

Security Advisories

Reported CVEsVendorsProductsReports
3Vulnerabilities found
CVE-2026-9490
Assigner-8fc372e3-d9c5-46e4-9410-38469745c639
ShareView Details
Assigner-8fc372e3-d9c5-46e4-9410-38469745c639
CVSS Score-6.8||MEDIUM
EPSS-0.01% / 2.25%
||
7 Day CHG~0.00%
Published-25 May, 2026 | 07:25
Updated-26 May, 2026 | 19:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Acer Care Center creates a Named Pipe with a weak Security Descriptor

A security vulnerability has been identified in Acer Care Center where the ACCSvc service creates a Named Pipe with a weak Security Descriptor. This vulnerability allows an authenticated local user to connect and send a specially crafted message (message type 0x03) to the pipe, causing the service to crash with exit code 1067 (ERROR_PROCESS_ABORTED). To mitigate this potential local service disruption, Acer requires users to update the software to the latest version.

Action-Not Available
Vendor-Acer Inc.
Product-Care Center
CWE ID-CWE-269
Improper Privilege Management
CVE-2026-9489
Assigner-8fc372e3-d9c5-46e4-9410-38469745c639
ShareView Details
Assigner-8fc372e3-d9c5-46e4-9410-38469745c639
CVSS Score-8.5||HIGH
EPSS-0.02% / 5.89%
||
7 Day CHG~0.00%
Published-25 May, 2026 | 01:50
Updated-26 May, 2026 | 19:05
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NitroSense V3: Local Privilege Escalation (LPE) vulnerability

NitroSense 3.x before 3.01.3052 contains Local Privilege Escalation (LPE) vulnerability.The program exposes a Windows Named Pipe that uses a custom protocol to invoke internal functions. However, this Named Pipe is misconfigured, allowing any authenticated local user to execute arbitrary code with NT AUTHORITY\SYSTEM privileges and to delete arbitrary files with SYSTEM privileges. By leveraging this, an attacker can execute arbitrary code on the target system with elevated privileges.

Action-Not Available
Vendor-Acer Inc.
Product-NitrorSense V3
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource
CVE-2026-8069
Assigner-8fc372e3-d9c5-46e4-9410-38469745c639
ShareView Details
Assigner-8fc372e3-d9c5-46e4-9410-38469745c639
CVSS Score-8.5||HIGH
EPSS-0.02% / 6.88%
||
7 Day CHG~0.00%
Published-08 May, 2026 | 05:57
Updated-08 May, 2026 | 12:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
PredatorSense V3: Local Privilege Escalation (LPE) vulnerability

PredatorSense version 3.00.3136 to 3.00.3196 contain Local Privilege Escalation (LPE) vulnerability.The program exposes a Windows Named Pipe that uses a custom protocol to invoke internal functions. However, this Named Pipe is misconfigured, allowing any authenticated local user to execute arbitrary code with NT AUTHORITY\SYSTEM privileges and to delete arbitrary files with SYSTEM privileges. By leveraging this, an attacker can execute arbitrary code on the target system with elevated privileges.

Action-Not Available
Vendor-Acer Inc.
Product-PredatorSense V3
CWE ID-CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CWE ID-CWE-269
Improper Privilege Management
CWE ID-CWE-284
Improper Access Control
CWE ID-CWE-732
Incorrect Permission Assignment for Critical Resource