
Acer Connect M6E EUVD-2026-34214

CVE-2026-49203 HIGH
Improper Authentication (CWE-287)
2026-06-04 Acer GHSA-hhrg-xw9w-2f4q
7.2
CVSS 4.0 · NVD

Severity by source

NVD PRIMARY
7.2 HIGH
CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS Vector (NVD)

  • Attack Vector: Adjacent
  • Attack Complexity: Low
  • Privileges Required: None
  • User Interaction: None
  • Scope: X

Lifecycle Timeline

  • Jun 04, 2026 - 07:32 (vuln.today): Analysis Generated
  • Jun 04, 2026 - 07:22 (NVD): CVSS changed, 7.2 (HIGH)

Description (CVE.org)

Crucial management API endpoints for cellular eSIM allocation do not validate caller authorization, allowing remote profiles to be rewritten or deleted.

Analysis (AI)

Unauthorized eSIM profile manipulation in the Acer Connect M6E 5G Portable WiFi Router allows adjacent attackers to rewrite or delete cellular eSIM profiles without authentication because management API endpoints fail to validate caller authorization. The flaw maps to CWE-287 (Improper Authentication) and is reported by Acer with CVSS 4.0 score 7.2, with no public exploit identified at time of analysis.

Attack Chain (AI, Derived)

Hypothetical attack flow derived from CVE metadata

  • Access: Join target M6E Wi-Fi network
  • Delivery: Discover eSIM management API endpoint
  • Exploit: Send unauthenticated profile-modification request
  • Execution: Rewrite or delete victim eSIM profile
  • Impact: Disrupt or hijack cellular connectivity

Vulnerability Assessment (AI)

Exploitation: Exploitation requires adjacent-network access (AV:A) - the attacker must be associated with the same Wi-Fi network served by the Acer Connect M6E 5G portable router, meaning physical proximity and either an open SSID, knowledge of the Wi-Fi passphrase, or a successful crack of it. …
Risk Assessment: The CVSS 4.0 vector indicates Adjacent network attack vector (AV:A), low attack complexity (AC:L), no privileges required (PR:N), and no user interaction (UI:N), with high impact on integrity and availability of the vulnerable component (VI:H/VA:H) but only low confidentiality impact (VC:L) and no subsequent-system impact - yielding the 7.2 score. …
Exploit Scenario: An attacker associates with the Acer Connect M6E's Wi-Fi network - for example by joining an open hotspot at an airport lounge or cracking a weak passphrase - and then sends crafted HTTP requests to the router's eSIM management API endpoints. Because the endpoints do not check caller authorization, the attacker can rewrite the victim's cellular profile (potentially redirecting traffic through an attacker-controlled carrier configuration) or delete it outright, knocking the victim off cellular data. …
Remediation: Patch available per vendor advisory - administrators should consult the Acer advisory at https://community.acer.com/en/kb/articles/19707 and apply the firmware update Acer publishes for the Connect M6E as soon as it is offered through the device's update mechanism, since the exact fixed version is not enumerated in the provided data. …

Recommended Action (AI)

Within 24 hours: Audit deployment of Acer Connect M6E 5G routers in production and critical infrastructure environments. …

CVE-2026-49185 CRITICAL
10.0 Jun 04

Unauthenticated remote command injection in Acer Connect M6E 5G Portable WiFi Router (firmware ≤ M6E_AI_1.00.000019) all

CVE-2026-49190 CRITICAL
9.4 Jun 04

Command injection in the Acer Connect M6E 5G Portable WiFi Router allows authenticated remote attackers to install arbit

CVE-2026-49194 CRITICAL
9.4 Jun 04

Authentication bypass in the Acer Connect M6E 5G Portable WiFi Router allows low-privileged remote attackers to reach a

CVE-2026-49191 CRITICAL
9.3 Jun 04

Authentication bypass in the Acer Connect M6E 5G Portable WiFi Router's M3WebServer production build exposes hard-coded

CVE-2026-50214 CRITICAL
9.3 Jun 04

Authentication bypass in the Acer Connect M6E 5G Portable WiFi Router (firmware ≤ M6E_AI_1.00.000019) allows remote atta

CVE-2026-50209 CRITICAL
9.3 Jun 04

Privilege escalation via MDM endpoint hijack in the Acer Connect M6E 5G Portable WiFi Router (firmware ≤M6E_AI_1.00.0000

CVE-2026-50208 CRITICAL
9.2 Jun 04

Cryptographic weaknesses in the Acer Connect M6E 5G Portable WiFi Router (firmware versions through M6E_AI_1.00.000019)

CVE-2026-50205 HIGH
8.8 Jun 04

Sensitive information disclosure in the Acer Connect M6E 5G Portable WiFi Router exposes cleartext SMTP authentication p

CVE-2026-49202 HIGH
8.8 Jun 04

Unauthenticated exposure of internal multimedia session archives in the Acer Connect M6E 5G Portable WiFi Router lets re

CVE-2026-50211 HIGH
8.8 Jun 04

Exposed factory diagnostics in Acer Connect M6E 5G Portable WiFi Router (firmware M6E_AI_1.00.000019 and earlier) allow

CVE-2026-50225 HIGH
8.8 Jun 04

Database flooding via unauthenticated abuse of Acer Connect M6E 5G Portable WiFi Router's registration endpoint allows r

CVE-2026-49193 HIGH
8.7 Jun 04

Public exposure of telemetry data affects Acer Connect M6E 5G Portable WiFi Router, where misconfigured cloud storage co
