PT-2026-3282 · Acer · Acer Backup Manager
Emmanuel Lujan
·
Published
2026-01-16
·
Updated
2026-01-17
·
CVE-2021-47826
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Acer Backup Manager version 3.0.0.99
Description
Acer Backup Manager version 3.0.0.99 has an issue with an unquoted service path in the NTI IScheduleSvc service. This could allow local users to execute arbitrary code. The unquoted path is located in C:Program Files (x86)NTIAcer Backup Manager. Exploiting this issue may allow attackers to inject malicious executables that run with elevated LocalSystem privileges.
Recommendations
Apply a fix to quote the service path for the NTI IScheduleSvc service.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Acer Backup Manager