CVE-2026-9490
Analyzed Analyzed - Analysis Complete
ACCSvc Service Crash via Weak Named Pipe Security Descriptor

Publication date: 2026-05-25

Last updated on: 2026-06-04

Assigner: 8fc372e3-d9c5-46e4-9410-38469745c639

Description
A security vulnerability has been identified in Acer Care Center where the ACCSvc service creates a Named Pipe with a weak Security Descriptor. This vulnerability allows an authenticated local user to connect and send a specially crafted message (message type 0x03) to the pipe, causing the service to crash with exit code 1067 (ERROR_PROCESS_ABORTED). To mitigate this potential local service disruption, Acer requires users to update the software to the latest version.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-25
Last Modified
2026-06-04
Generated
2026-06-15
AI Q&A
2026-05-26
EPSS Evaluated
2026-06-14
NVD
CVE-2026-9490
EUVD
EUVD-2026-31648
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
acer care_center to 4.00.3060 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-269 The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in Acer Care Center's ACCSvc service, which creates a Named Pipe with a weak Security Descriptor. An authenticated local user can exploit this by connecting to the pipe and sending a specially crafted message (message type 0x03). Doing so causes the service to crash with exit code 1067 (ERROR_PROCESS_ABORTED).

Impact Analysis

The vulnerability can lead to a local service disruption by causing the ACCSvc service to crash. This may affect the normal operation of Acer Care Center on the affected system, potentially impacting system stability or availability of the service.

Mitigation Strategies

To mitigate this vulnerability, Acer requires users to update the Acer Care Center software to the latest version.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-9490. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart