Acer Control Center Flaw Lets Attackers Run Malicious Code as Elevated User
Posted: Sun Jun 15, 2025 6:21 am
A critical security flaw (CVE-2025-5491) in Acer ControlCenter allows remote attackers to execute arbitrary code with NT AUTHORITY\SYSTEM privileges via a misconfigured Windows Named Pipe.
The vulnerability, rated 8.8 on the CVSS scale, stems from insecure permissions on a custom protocol pipe exposed by the ACCSvc.exe
service.https://gbhackers.com/acer-control-center-flaw/
The vulnerability, rated 8.8 on the CVSS scale, stems from insecure permissions on a custom protocol pipe exposed by the ACCSvc.exe
service.https://gbhackers.com/acer-control-center-flaw/