PatchSiren cyber security CVE debrief
CVE-2026-9490 Acer CVE debrief
A local denial-of-service vulnerability exists in Acer Care Center's ACCSvc service. The service creates a Named Pipe with a weak Security Descriptor, allowing an authenticated local user to connect and send a specially crafted message (type 0x03) that causes the service to terminate with exit code 1067 (ERROR_PROCESS_ABORTED). This vulnerability requires local access and valid user credentials, limiting its exploitability to authenticated attackers on the same system. The vulnerability was published on May 25, 2026, and modified on May 26, 2026. Acer has released guidance requiring users to update to the latest software version to mitigate this issue.
- Vendor: Acer
- Product: Care Center
- CVSS: MEDIUM 6.8
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-05-25
- Original CVE updated: 2026-05-26
- Advisory published: 2026-05-25
- Advisory updated: 2026-05-26
Who should care
Organizations and individuals using Acer Care Center on Windows systems, particularly those with multi-user environments where local user accounts may have elevated interaction capabilities with system services.
Technical summary
The ACCSvc service in Acer Care Center creates a Named Pipe with insufficient access controls. An authenticated local attacker can connect to this pipe and submit message type 0x03, triggering a service crash with exit code 1067. The vulnerability stems from improper privilege management (CWE-269) in the service's Named Pipe security descriptor configuration.
Defensive priority
medium
Recommended defensive actions
- Update Acer Care Center to the latest version per vendor guidance
- Review and restrict local user privileges where possible
- Monitor for unexpected ACCSvc service terminations with exit code 1067
- Apply principle of least privilege for local user accounts
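
One way to carry out the monitoring action above on a single Windows host, as an added example that is not part of the advisory or of Acer's guidance. The service name ACCSvc and exit code 1067 come from the advisory; the 7-day lookback window is an assumption, and 7031 and 7034 are the standard Service Control Manager event IDs for unexpected service termination.

```powershell
# Added example: look for ACCSvc terminations consistent with the advisory.
$ServiceName = 'ACCSvc'                 # service name from the advisory
$CrashExit   = 1067                     # ERROR_PROCESS_ABORTED, from the advisory
$Since       = (Get-Date).AddDays(-7)   # lookback window (assumption)

$svc = Get-CimInstance -ClassName Win32_Service -Filter "Name='$ServiceName'"
if (-not $svc) {
    Write-Output "$ServiceName is not installed on $env:COMPUTERNAME"
    return
}

# Current state: a stopped service whose last Win32 exit code is 1067
# ended abnormally rather than through a normal stop request.
$abortedNow = ($svc.State -eq 'Stopped' -and $svc.ExitCode -eq $CrashExit)

# History: the Service Control Manager records unexpected terminations as
# events 7031 and 7034 in the System log. The first event property holds
# the service display name, so match on that rather than on message text.
$filter = @{
    LogName      = 'System'
    ProviderName = 'Service Control Manager'
    Id           = 7031, 7034
    StartTime    = $Since
}
$crashes = @(Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
    Where-Object { $_.Properties[0].Value -eq $svc.DisplayName })

# One summary object per host, suitable for Export-Csv or fleet collection.
[pscustomobject]@{
    Computer     = $env:COMPUTERNAME
    Service      = $svc.Name
    DisplayName  = $svc.DisplayName
    State        = $svc.State
    LastExitCode = $svc.ExitCode
    AbortedNow   = $abortedNow
    CrashEvents  = $crashes.Count
    LastCrash    = ($crashes | Sort-Object TimeCreated |
                    Select-Object -Last 1).TimeCreated
}
```

If service recovery actions restart ACCSvc automatically, `AbortedNow` will be false even after a crash, so treat a non-zero `CrashEvents` count as the more reliable signal.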
Evidence notes
The vulnerability description is sourced from NVD with a CVSS 4.0 vector indicating local attack vector, low attack complexity, low privileges required, and high availability impact. The weakness is classified as CWE-269 (Improper Privilege Management). Acer's knowledge base article provides official vendor guidance.
Official resources
- CVE-2026-9490 CVE record (CVE.org)
- CVE-2026-9490 NVD detail (NVD)
- Source item URL: nvd_modified
- Source reference: 8fc372e3-d9c5-46e4-9410-38469745c639
Acer has acknowledged this vulnerability and published mitigation guidance. Users should update Acer Care Center to the latest available version.