Vulnerabilities > Acer
|2022-03-10||CVE-2022-24285|| Improper Authentication vulnerability in Acer Care Center 4.00.3000/4.00.3038 |
Acer Care Center 4.00.30xx before 4.00.3042 contains a local privilege escalation vulnerability.
| 7.2 |
|2022-03-10||CVE-2022-24286|| Improper Authentication vulnerability in Acer Quickaccess |
Acer QuickAccess 2.01.300x before 2.01.3030 and 3.00.30xx before 3.00.3038 contains a local privilege escalation vulnerability.
| 7.2 |
|2022-01-26||CVE-2021-45975|| Untrusted Search Path vulnerability in Acer Care Center |
In ListCheck.exe in Acer Care Center 4.x before 4.00.3038, a vulnerability in the loading mechanism of Windows DLLs could allow a local attacker to perform a DLL hijacking attack.
| 6.9 |
|2019-12-17||CVE-2019-18670|| Untrusted Search Path vulnerability in Acer Quick Access |
In the Quick Access Service (QAAdminAgent.exe) in Acer Quick Access V2.01.3000 through 2.01.3027 and V3.00.3000 through V3.00.3008, a REGULAR user can load an arbitrary unsigned DLL into the signed service's process, which is running as NT AUTHORITY\SYSTEM.
| 6.9 |
|2017-10-16||CVE-2017-15361|| Unspecified vulnerability in Infineon RSA Library and Trusted Platform Firmware |
The Infineon RSA library 1.02.013 in Infineon Trusted Platform Module (TPM) firmware, such as versions before 0000000000000422 - 4.34, before 000000000000062b - 6.43, and before 0000000000008521 - 133.33, mishandles RSA key generation, which makes it easier for attackers to defeat various cryptographic protection mechanisms via targeted attacks, aka ROCA.
| 4.3 |
|2017-06-08||CVE-2016-5648|| Improper Certificate Validation vulnerability in Acer Portal 188.8.131.526 |
Acer Portal app before 184.108.40.2060 for Android does not properly validate SSL certificates, which allows remote attackers to perform a Man-in-the-middle attack via a crafted SSL certificate.
| 4.3 |
|2012-08-22||CVE-2012-2864|| Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Google Chrome OS |
Mesa, as used in Google Chrome before 21.0.1183.0 on the Acer AC700, Cr-48, and Samsung Series 5 and 5 550 Chromebook platforms, and the Samsung Chromebox Series 3, allows remote attackers to execute arbitrary code via unspecified vectors that trigger an "array overflow."
| 10.0 |
|2012-06-07||CVE-2012-3290||Multiple unspecified vulnerabilities in Google Chrome before 20.0.1132.22 on the Acer AC700; Samsung Series 5, 5 550, and Chromebox 3; and Cr-48 Chromebook platforms have unknown impact and attack vectors.|| 10.0 |
|2012-02-29||CVE-2012-1418||Multiple unspecified vulnerabilities in Google Chrome before 17.0.963.60 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors.|| 10.0 |
|2012-01-12||CVE-2012-0695|| Remote Security vulnerability in Chrome Os |
Multiple unspecified vulnerabilities in Google Chrome before 17.0.963.27 on the Acer AC700, Samsung Series 5, and Cr-48 Chromebook platforms have unknown impact and attack vectors.
| 10.0 |