Acer to Patch Critical Zero-Day Vulnerabilities in Wave 7 Routers Acer is developing a firmware update to address two severe zero-day vulnerabilities in its Wave 7 routers, disclosed by security researcher Gergo Pap. The flaws, rated with a maximum severity score under CVSS 4.0, allow unauthenticated remote exploitation and could lead to full system compromise. The first vulnerability stems from broken access control, exposing a log file via the router’s web interface without authentication. This file contains plaintext credentials for the administrative panel and Telnet services, enabling attackers to bypass authentication entirely. The second flaw involves a hardcoded AES encryption key in the firmware, used for configuration backups. Attackers can decrypt, modify, and re-upload these backups to establish persistent backdoor access, even after reboots or credential changes. Exploiting these vulnerabilities could grant attackers administrative control, allowing them to intercept traffic, alter DNS settings, or recruit devices into botnets. Routers exposed to the internet are especially vulnerable, as exploitation requires no prior authentication or user interaction. Acer expects to release the patch by the end of June 2026, advising users to apply it immediately upon availability. The disclosure underscores persistent security risks in consumer networking devices, particularly around improper data handling and insecure cryptographic practices.

A severe security vulnerability has been discovered in the Acer Control Center software, which could allow attackers to execute arbitrary code with system-level privileges. The vulnerability, identified in the ACCSvc.exe process, involves misconfigured Windows Named Pipe permissions that enable unauthenticated remote users to exploit the service’s features. This flaw creates a direct path for privilege escalation, potentially leading to the installation of persistent backdoors, deployment of ransomware, theft of sensitive user data, and complete compromise of the affected machine. Organizations utilizing Acer Control Center in their fleet of devices face significant risk if systems remain unpatched.

Acer Inc., a significant international technology corporation with headquarters in Taiwan, may have had its data compromised by a hacker using the alias Kernelware. Kernelware claims that the claimed breach led to the theft of a sizable amount of private data, amounting to 160GB comprising 655 folders and 2869 files. Kernelware made the data cache available for purchase to interested parties, claiming that it held a variety of priceless files and documents. Confidential presentations and slides, technical manuals, Windows Imaging Format files, binaries of various types, data on the backend infrastructure, product model documentation, and details on laptops, tablets, phones, and other gadgets were among the things on the list.

The computer manufacturer Acer suffered a cyber attack by Desorden hacker group in October 2021. The firm about lost 60GB of client, distributor and retailer information, as well as log-in details, financial and audit data. They isolated the systems to control the attack.

The back-office network of PC manufacturer Acer fell prey to the REvil ransomware group in March 2021. The group had posted information acquired in the attack on dark web and demanded a huge sum of $50 million to decrypt the devices.

The computer manufacturer Acer suffered a massive security breach, the data of 34,500 Acer customers have been hacked. The compromised information included customer names, addresses, and credit card numbers including expiry dates and three-digit CVC security codes. The company took immediate steps to remediate this security issue and they also reported this issue to credit card payment processor, and offered full cooperation to federal law enforcement.

The California Office of the Attorney General reported that Acer Service Corporation experienced a data breach affecting customer information on May 12, 2015, with the notification reported on June 14, 2016. The breach involved unauthorized access potentially exposing names, addresses, card numbers, expiration dates, and security codes, but Social Security numbers were not collected. Immediate corrective actions were taken, including engaging cybersecurity experts and cooperating with federal law enforcement.