CVE-2026-49187
Hard-Coded APK Resources in Scepter Lead to Information Disclosure
Publication date: 2026-06-04
Last updated on: 2026-06-04
Assigner: 8fc372e3-d9c5-46e4-9410-38469745c639
Description
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| acer | acer_connect_m6e_5g_portable_wifi_router | up to m6e_ai_1.00.000019 (exclusive) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-200 | The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability involves hard-coded APK resource files that never expire. Additionally, a shared scepter (likely a shared secret or key) is used, which leads to information leaks and potential misuse.
How can this vulnerability impact me?
The vulnerability can lead to information leaks due to the never-expiring hard-coded APK resource files and the shared scepter. This can result in unauthorized access or misuse of sensitive information.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The vulnerability involves hard-coded APK resource files that never expire and shared secrets leading to information leaks and potential misuse. Such exposure of sensitive data can result in unauthorized access and data breaches.
These issues could negatively impact compliance with data protection regulations like GDPR and HIPAA, which require safeguarding personal and sensitive information against unauthorized access and ensuring data confidentiality and integrity.
Failure to address these vulnerabilities may lead to violations of these standards, potentially resulting in legal penalties, loss of user trust, and other compliance-related consequences.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection of this vulnerability involves identifying affected firmware versions and monitoring for signs of exploitation such as unauthorized command execution or unusual device behavior.
Specifically, check if your Acer Connect M6E 5G Portable WiFi Router is running firmware version M6E_AI_1.00.000019 or earlier, as these versions are vulnerable.
While no explicit commands are provided, you can perform the following general checks:
- Query the device firmware version via its management interface or command line.
- Monitor network traffic for suspicious MQTT broker activity or unauthorized access attempts.
- Check logs for unexpected root-level command executions or configuration changes.
- Restrict and inspect IPv6 traffic to detect potential exploitation attempts.
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include securing the device and preparing for the official firmware update.
- Set strong administrative passwords to prevent unauthorized access.
- Restrict IPv6 traffic where possible to reduce attack surface.
- Monitor device activity for signs of compromise.
- Apply the forthcoming comprehensive firmware update from Acer as soon as it becomes available via the device management interface.