Vulnerabilities > Acer > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-27 | CVE-2023-48034 | Inadequate Encryption Strength vulnerability in Acer Sk-9662 Firmware An issue discovered in Acer Wireless Keyboard SK-9662 allows attacker in physical proximity to both decrypt wireless keystrokes and inject arbitrary keystrokes via use of weak encryption. | 6.1 |
| 2022-01-26 | CVE-2021-45975 | Untrusted Search Path vulnerability in Acer Care Center In ListCheck.exe in Acer Care Center 4.x before 4.00.3038, a vulnerability in the loading mechanism of Windows DLLs could allow a local attacker to perform a DLL hijacking attack. | 6.9 |
| 2019-12-17 | CVE-2019-18670 | Untrusted Search Path vulnerability in Acer Quick Access In the Quick Access Service (QAAdminAgent.exe) in Acer Quick Access V2.01.3000 through 2.01.3027 and V3.00.3000 through V3.00.3008, a REGULAR user can load an arbitrary unsigned DLL into the signed service's process, which is running as NT AUTHORITY\SYSTEM. | 6.9 |
| 2017-10-16 | CVE-2017-15361 | Unspecified vulnerability in Infineon RSA Library and Trusted Platform Firmware The Infineon RSA library 1.02.013 in Infineon Trusted Platform Module (TPM) firmware, such as versions before 0000000000000422 - 4.34, before 000000000000062b - 6.43, and before 0000000000008521 - 133.33, mishandles RSA key generation, which makes it easier for attackers to defeat various cryptographic protection mechanisms via targeted attacks, aka ROCA. | 4.3 |
| 2017-06-08 | CVE-2016-5648 | Improper Certificate Validation vulnerability in Acer Portal 3.9.3.2006 Acer Portal app before 3.9.4.2000 for Android does not properly validate SSL certificates, which allows remote attackers to perform a Man-in-the-middle attack via a crafted SSL certificate. | 4.3 |