Vulnerabilities > Acer

DATE CVE VULNERABILITY TITLE RISK
2022-03-10 CVE-2022-24285 Improper Authentication vulnerability in Acer Care Center 4.00.3000/4.00.3038
Acer Care Center 4.00.30xx before 4.00.3042 contains a local privilege escalation vulnerability.
local
low complexity
acer CWE-287
7.2
2022-03-10 CVE-2022-24286 Improper Authentication vulnerability in Acer Quickaccess
Acer QuickAccess 2.01.300x before 2.01.3030 and 3.00.30xx before 3.00.3038 contains a local privilege escalation vulnerability.
local
low complexity
acer CWE-287
7.2
2022-01-26 CVE-2021-45975 Untrusted Search Path vulnerability in Acer Care Center
In ListCheck.exe in Acer Care Center 4.x before 4.00.3038, a vulnerability in the loading mechanism of Windows DLLs could allow a local attacker to perform a DLL hijacking attack.
local
acer CWE-426
6.9
2019-12-17 CVE-2019-18670 Untrusted Search Path vulnerability in Acer Quick Access
In the Quick Access Service (QAAdminAgent.exe) in Acer Quick Access V2.01.3000 through 2.01.3027 and V3.00.3000 through V3.00.3008, a REGULAR user can load an arbitrary unsigned DLL into the signed service's process, which is running as NT AUTHORITY\SYSTEM.
local
acer CWE-426
6.9
2017-10-16 CVE-2017-15361 Unspecified vulnerability in Infineon RSA Library and Trusted Platform Firmware
The Infineon RSA library 1.02.013 in Infineon Trusted Platform Module (TPM) firmware, such as versions before 0000000000000422 - 4.34, before 000000000000062b - 6.43, and before 0000000000008521 - 133.33, mishandles RSA key generation, which makes it easier for attackers to defeat various cryptographic protection mechanisms via targeted attacks, aka ROCA.
4.3
2017-06-08 CVE-2016-5648 Improper Certificate Validation vulnerability in Acer Portal 3.9.3.2006
Acer Portal app before 3.9.4.2000 for Android does not properly validate SSL certificates, which allows remote attackers to perform a Man-in-the-middle attack via a crafted SSL certificate.
network
acer CWE-295
4.3
2012-08-22 CVE-2012-2864 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Google Chrome OS
Mesa, as used in Google Chrome before 21.0.1183.0 on the Acer AC700, Cr-48, and Samsung Series 5 and 5 550 Chromebook platforms, and the Samsung Chromebox Series 3, allows remote attackers to execute arbitrary code via unspecified vectors that trigger an "array overflow."
network
low complexity
google acer samsung CWE-119
critical
10.0
2012-06-07 CVE-2012-3290 Multiple unspecified vulnerabilities in Google Chrome before 20.0.1132.22 on the Acer AC700; Samsung Series 5, 5 550, and Chromebox 3; and Cr-48 Chromebook platforms have unknown impact and attack vectors.
network
low complexity
google acer samsung
critical
10.0
2012-02-29 CVE-2012-1418 Multiple unspecified vulnerabilities in Google Chrome before 17.0.963.60 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors.
network
low complexity
google acer samsung
critical
10.0
2012-01-12 CVE-2012-0695 Remote Security vulnerability in Chrome Os
Multiple unspecified vulnerabilities in Google Chrome before 17.0.963.27 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors.
network
low complexity
google acer samsung
critical
10.0