Security Vulnerability in Acer Care Center Affects Local User Access
CVE-2026-9490

6.8MEDIUM

Key Information:

Vendor: Acer
Status: Care Center
Vendor: CVE Published:; 25 May 2026

What is CVE-2026-9490?

A security vulnerability has been discovered in Acer Care Center, where the ACCSvc service establishes a Named Pipe with an inadequate Security Descriptor. This oversight permits an authenticated local user to connect to the pipe and transmit a specifically crafted message, leading to the service crashing unexpectedly. To avoid any potential disruption and protect your systems, it is recommended to update to the latest version of the software.

Affected Version(s)

Care Center Windows 4.0 <= 4.00.3058

References

https://community.acer.com/en/kb/articles/19668

CVSS V4

Score:

6.8

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 25, 2026
Vulnerability Reserved
May 25, 2026

Credit

Vo Duc Thang

CVE-2026-9490 Data

JSON