彙總 acer 相關全部產品的 CVE 與安全漏洞情報,包括 CVSS、EPSS、公開時間與漏洞情報資料。
已披露問題常與 路徑處理缺陷、記憶體損壞與緩衝區溢位 相關,可能在 軟體部署與生產負載 場景中帶來 檔案覆寫與記憶體損壞 等暴露風險。
相關漏洞資料主要來源於公開漏洞披露與安全公告,可用於評估歷史漏洞暴露面與修補優先順序。
| CVE | 摘要 | 來源 | 最高 CVSS | EPSS % | 公開時間 | 更新時間 |
|---|---|---|---|---|---|---|
| CVE-2026-50226 | Fixed AES-128-CBC keys inside the AcerConnect OTA application let attackers forge authorization credentials for arbitrary IMEI numbers. This allows unauthorized actors to list catalog items and extract protected binaries from pre-signed cloud links. | 8fc372e3-d9c5-46e4-9410-38469745c639 | 6.9 | 0.19% | 2026-06-04 | 2026-06-17 |
| CVE-2026-50225 | The registration path /v1/account/register provides no bot mitigation mechanisms, allowing malicious automated systems to flood the database. | 8fc372e3-d9c5-46e4-9410-38469745c639 | 8.8 | 0.24% | 2026-06-04 | 2026-06-17 |
| CVE-2026-50224 | The web administration panel binds broadly to the public IPv6 address space on port [::]:8080 without default firewall limits, making internal API endpoints reachable over the WAN. | 8fc372e3-d9c5-46e4-9410-38469745c639 | 6.9 | 0.23% | 2026-06-04 | 2026-06-17 |
| CVE-2026-50214 | The /v1/Plan service relies entirely on a shared global API token for full administrative management, allowing arbitrary creation of zero-cost network access plans. | 8fc372e3-d9c5-46e4-9410-38469745c639 | 9.3 | 0.17% | 2026-06-04 | 2026-06-17 |
| CVE-2026-50213 | The account validation endpoint /v1/User/validate returns comprehensive user profile data sheets, which can be crawled by iterating predictable identification strings. | 8fc372e3-d9c5-46e4-9410-38469745c639 | 8.7 | 0.24% | 2026-06-04 | 2026-06-17 |
| CVE-2026-50212 | Weak validation logic within device dissociation API routines allows a remote entity to forcefully unbind unrelated user endpoints, causing severe denial of service. | 8fc372e3-d9c5-46e4-9410-38469745c639 | 7.1 | 0.17% | 2026-06-04 | 2026-06-17 |
| CVE-2026-50211 | Leftover engineering diagnostics and factory-level diagnostic software remain exposed on retail builds, giving malicious apps write privileges to internal NVRAM registers. | 8fc372e3-d9c5-46e4-9410-38469745c639 | 8.8 | 0.31% | 2026-06-04 | 2026-06-17 |
| CVE-2026-50210 | The device encrypts data using AES-CBC with static zero-filled Initialization Vectors (IVs), making it susceptible to replay attacks and known-plaintext decryption. | 8fc372e3-d9c5-46e4-9410-38469745c639 | 6.9 | 0.24% | 2026-06-04 | 2026-06-17 |
| CVE-2026-50209 | Broadcast events allow malicious software to rewrite the device's default Mobile Device Management (MDM) endpoint address, shifting administrative ownership to an external attacker. | 8fc372e3-d9c5-46e4-9410-38469745c639 | 9.3 | 0.10% | 2026-06-04 | 2026-06-17 |
| CVE-2026-50208 | High-risk TrustAllCerts routines disable standard TLS certificate validation. Combined with hard-coded DES symmetric encryption keys, a Man-in-the-Middle (MITM) actor could decrypt network traffic. | 8fc372e3-d9c5-46e4-9410-38469745c639 | 9.2 | 0.14% | 2026-06-04 | 2026-06-17 |
| CVE-2026-50207 | The system Binder boundary accepts unverified pass-through AT commands, giving local applications the power to read baseband files or disable cellular connectivity. | 8fc372e3-d9c5-46e4-9410-38469745c639 | 8.5 | 0.14% | 2026-06-04 | 2026-06-17 |
| CVE-2026-50206 | Incoming VPN network profile settings fail to process special characters safely, enabling command injection via malicious config files. | 8fc372e3-d9c5-46e4-9410-38469745c639 | 8.5 | 0.72% | 2026-06-04 | 2026-06-17 |
| CVE-2026-50205 | System log files output unencrypted SMTP server authentication passwords alongside sensitive employee corporate identification data. | 8fc372e3-d9c5-46e4-9410-38469745c639 | 8.8 | 0.24% | 2026-06-04 | 2026-06-17 |
| CVE-2026-49204 | Leftover debug modules contain fixed credentials for internal AWS Cognito test sandboxes, risking asset exploitation. | 8fc372e3-d9c5-46e4-9410-38469745c639 | 6.9 | 0.16% | 2026-06-04 | 2026-06-17 |
| CVE-2026-49203 | Crucial management API endpoints for cellular eSIM allocation do not validate caller authorization, allowing remote profiles to be rewritten or deleted. | 8fc372e3-d9c5-46e4-9410-38469745c639 | 7.2 | 0.17% | 2026-06-04 | 2026-06-17 |
| CVE-2026-49202 | Internal multimedia session archives are accessible without authentication, exacerbated by loose Cross-Origin Resource Sharing (CORS) rules that allow cross-site theft. | 8fc372e3-d9c5-46e4-9410-38469745c639 | 8.8 | 0.26% | 2026-06-04 | 2026-06-17 |
| CVE-2026-49194 | The debugging routine SCREEN_CLICK(5053) enables a connection to skip the standard device login prompt entirely and directly enter an interactive shell interface. | 8fc372e3-d9c5-46e4-9410-38469745c639 | 9.4 | 0.23% | 2026-06-04 | 2026-06-17 |
| CVE-2026-49193 | Overly permissive configuration settings on cloud storage containers expose active telemetry information publicly to the internet. | 8fc372e3-d9c5-46e4-9410-38469745c639 | 8.7 | 0.24% | 2026-06-04 | 2026-06-17 |
| CVE-2026-49192 | The summary service endpoint suffers from an IDOR vulnerability where it fails to verify user ownership of hardware serial numbers, exposing device data to scraping. | 8fc372e3-d9c5-46e4-9410-38469745c639 | 5.3 | 0.14% | 2026-06-04 | 2026-06-17 |
| CVE-2026-49191 | The production build of the M3WebServer hard-codes its backend API keys, which can be easily intercepted through verbose error handling pages. | 8fc372e3-d9c5-46e4-9410-38469745c639 | 9.3 | 0.29% | 2026-06-04 | 2026-06-17 |