Skip to main content

Acer PredatorSense CVE-2026-8069

| EUVDEUVD-2026-28533 HIGH
Path Traversal (CWE-22)
2026-05-08 Acer GHSA-67h9-58cf-72hp
8.5
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
8.5 HIGH
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

4
Analysis Generated
May 08, 2026 - 09:00 vuln.today
CVSS changed
May 08, 2026 - 07:22 NVD
8.5 (HIGH)
CVE Published
May 08, 2026 - 05:57 nvd
UNKNOWN (no severity yet)
CVE Published
May 08, 2026 - 05:57 nvd
HIGH 8.5

DescriptionCVE.org

PredatorSense version 3.00.3136 to 3.00.3196 contain Local Privilege Escalation (LPE) vulnerability.The program exposes a Windows Named Pipe that uses a custom protocol to invoke internal functions. However, this Named Pipe is misconfigured, allowing any authenticated local user to execute arbitrary code with NT AUTHORITY\SYSTEM privileges and to delete arbitrary files with SYSTEM privileges. By leveraging this, an attacker can execute arbitrary code on the target system with elevated privileges.

AnalysisAI

Local attackers with standard user accounts can escalate to NT AUTHORITY\SYSTEM privileges in Acer PredatorSense V3 versions 3.00.3136 through 3.00.3196. The gaming utility software exposes a misconfigured Windows Named Pipe allowing arbitrary code execution and file deletion with SYSTEM privileges. CVSS 8.5 (High) reflects severe local impact with low complexity exploitation. No active exploitation confirmed (not in CISA KEV) and no public exploit code identified at time of analysis, though the technical details provided enable development of proof-of-concept code.

Technical ContextAI

PredatorSense is Acer's gaming system management utility installed on Predator-branded gaming laptops and desktops. The vulnerability stems from CWE-22 (Path Traversal) combined with Windows Named Pipe misconfiguration. Named Pipes are IPC mechanisms in Windows that allow processes to communicate; when improperly secured with weak DACL (Discretionary Access Control List) settings, they can be accessed by unprivileged users. PredatorSense implements a custom protocol over its Named Pipe to invoke internal functions, but fails to validate caller privileges or sanitize file paths. This architectural flaw allows authenticated local users to inject commands through the pipe interface, triggering privileged operations including arbitrary code execution under the SYSTEM security context and unrestricted file deletion. The CVSS 4.0 vector (AV:L/AC:L/PR:L) confirms local attack surface with low complexity requiring only low-privilege authentication.

RemediationAI

Upgrade PredatorSense to version 3.00.3197 or later immediately, available through Acer's support portal or automatic software updates within the PredatorSense application itself. Verify remediation by checking Help > About within PredatorSense GUI to confirm version number exceeds 3.00.3196. If immediate patching is not feasible, implement these compensating controls with noted trade-offs: (1) Uninstall PredatorSense entirely if gaming-specific features (RGB lighting control, overclocking, system monitoring) are not business-critical - eliminates attack surface but removes all utility functionality; (2) Restrict local user accounts to eliminate standard users, enforcing single-administrator-only access - prevents exploitation by non-admin users but conflicts with least-privilege principles and may disrupt multi-user environments; (3) Deploy application control policies (AppLocker, WDAC) to block execution of PredatorSense service processes - prevents the vulnerable service from running but breaks all PredatorSense functionality. Organizations should audit which systems have PredatorSense installed using software inventory tools, prioritizing patch deployment to shared or multi-user gaming stations. Full vendor advisory and patch download: https://community.acer.com/en/kb/articles/19652.

Share

CVE-2026-8069 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy