QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2026-9789

Back to search

CVE-2026-9789

Published: May 28, 2026

Modified: May 28, 2026

PUBLISHED

Description

A Local Privilege Escalation (LPE) vulnerability affects Acer NitroSense software versions prior to 3.01.3052. The vulnerability stems from the the PSAdminAgent service, which creates a Named Pipe with a weak Access Control List (ACL). This allows any authenticated local user to connect and send commands. Because the service does not check the caller's privileges before running file deletion commands, a low-privileged local user can exploit this to delete arbitrary files with system authority.

VendorProductVersions

Acer

NitrorSense V3

affected
3.01.3001 - <= 3.01.3052

Weaknesses (CWE)

CWE-22
CWE-269
CWE-284
CWE-732

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now
CVE-2026-9789 - Security Vulnerability | QwikSec