PT-2026-3282 · Acer · Acer Backup Manager

Emmanuel Lujan

Publicado

2026-01-16

Atualizado

2026-01-17

CVE-2021-47826

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Acer Backup Manager version 3.0.0.99

Description Acer Backup Manager version 3.0.0.99 has an issue with an unquoted service path in the NTI IScheduleSvc service. This could allow local users to execute arbitrary code. The unquoted path is located in C:Program Files (x86)NTIAcer Backup Manager. Exploiting this issue may allow attackers to inject malicious executables that run with elevated LocalSystem privileges.

Recommendations Apply a fix to quote the service path for the NTI IScheduleSvc service.

Exploit

Correção

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-428

Identificadores relacionados

CVE-2021-47826

Produtos afetados

Acer Backup Manager

PT-2026-3282 · Acer · Acer Backup Manager

CVE-2021-47826

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 6