A local denial-of-service vulnerability exists in Acer Care Center's ACCSvc service. The service creates a Named Pipe with a weak Security Descriptor, allowing an authenticated local user to connect and send a specially crafted message (type 0x03) that causes the service to terminate with exit code 1067 (ERROR_PROCESS_ABORTED). This vulnerability requires local access and valid user credentials, limiting [truncated]
NitroSense 3.x before 3.01.3052 contains a Local Privilege Escalation (LPE) vulnerability. The application exposes a Windows Named Pipe that uses a custom protocol to invoke internal functions. This Named Pipe is misconfigured, allowing any authenticated local user to execute arbitrary code with NT AUTHORITY SYSTEM privileges and to delete arbitrary files with SYSTEM privileges. By leveraging this, an att [truncated]
