CVE-2019-18670

Name of the Vulnerable Software and Affected Versions Acer Quick Access versions 2.01.3000 through 2.01.3027 Acer Quick Access versions 3.00.3000 through 3.00.3008

Description The issue allows a regular user to load an arbitrary unsigned DLL into the signed service's process, which runs as NT AUTHORITYSYSTEM. This is caused by an uncontrolled search path element for nvapi.dll, atiadlxx.dll, or atiadlxy.dll, leading to a DLL hijacking vulnerability, including search order hijacking. The vulnerability exploits the search for missing DLLs in the PATH environment variable.

Recommendations For Acer Quick Access versions 2.01.3000 through 2.01.3027, consider disabling the service until a patch is available to prevent exploitation. For Acer Quick Access versions 3.00.3000 through 3.00.3008, restrict access to the vulnerable service to minimize the risk of privilege escalation. As a temporary workaround, avoid using the vulnerable DLLs nvapi.dll, atiadlxx.dll, or atiadlxy.dll in the affected service until the issue is resolved.