CVE-2026-8069

HIGH

PredatorSense V3: Local Privilege Escalation (LPE) vulnerability

Title source: cna

Description

PredatorSense version 3.00.3136 to 3.00.3196 contain Local Privilege Escalation (LPE) vulnerability.The program exposes a Windows Named Pipe that uses a custom protocol to invoke internal functions. However, this Named Pipe is misconfigured, allowing any authenticated local user to execute arbitrary code with NT AUTHORITY\SYSTEM privileges and to delete arbitrary files with SYSTEM privileges. By leveraging this, an attacker can execute arbitrary code on the target system with elevated privileges.

References (1)

Core 1

Core References

https://community.acer.com/en/kb/articles/19652

Scores

CVSS v4 8.5

EPSS 0.0012

EPSS Percentile 2.0%

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-22 CWE-269 CWE-284 CWE-732

Status published

Products (1)

Acer/PredatorSense V3 3.00.3136 - 3.00.3196

Published May 08, 2026

Tracked Since May 08, 2026