CVE-2026-50211

Summary

Leftover engineering diagnostics and factory-level diagnostic software remain exposed on retail builds, giving malicious apps write privileges to internal NVRAM registers.

Affected Software

VendorProductVersion RangeStatus
AcerConnect M6E 5G Portable WiFi Router* <= M6E_AI_1.00.000019affected

Weaknesses

  • CWE-134: CWE-134: Use of Externally-Controlled Format String

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: partial

References