Description
The system Binder boundary accepts unverified pass-through AT commands, giving local applications the power to read baseband files or disable cellular connectivity.
Published: 2026-06-04
Score: 8.5 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability exists in the system Binder boundary, which accepts AT commands without proper verification. This flaw allows a local application to issue arbitrary AT commands that can read baseband files or disable cellular connectivity. The impact is local access to sensitive modem data and denial of cellular service, giving an attacker potential data exposure or service disruption.

Affected Systems

Acer Connect M6E 5G Portable WiFi Router. No specific firmware or software version information is provided in the current data, so all installed units running this product are considered potentially vulnerable.

Risk and Exploitability

The CVSS score of 8.5 classifies the issue as High severity. Since no EPSS score is available, the exploitation probability distribution cannot be quantified, but the lack of listing in the CISA KEV catalog suggests no evidence of active exploitation at this time. The attack vector is local, requiring the attacker to run a malicious application on the device or to have local code execution capability. If such local access is achieved, the flaw can be abused to read baseband files or break cellular connectivity, potentially impacting data confidentiality and availability.

Generated by OpenCVE AI on June 4, 2026 at 09:22 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply any Acer firmware or security patch that resolves the Binder AT command verification issue
  • If a patch is not yet available, restrict or disable the AT command interface on the Binder boundary through device configuration
  • Monitor system logs for unusual AT command activity and block any unauthorized requests
  • Change default administrator passwords and secure the device management interface to reduce local access risk

Generated by OpenCVE AI on June 4, 2026 at 09:22 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 04 Jun 2026 19:30:00 +0000

Type Values Removed Values Added
First Time appeared Acer
Acer connect M6e 5g
Acer connect M6e 5g Firmware
CPEs cpe:2.3:h:acer:connect_m6e_5g:-:*:*:*:*:*:*:*
cpe:2.3:o:acer:connect_m6e_5g_firmware:*:*:*:*:*:*:*:*
Vendors & Products Acer
Acer connect M6e 5g
Acer connect M6e 5g Firmware
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

Thu, 04 Jun 2026 13:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Thu, 04 Jun 2026 08:45:00 +0000

Type Values Removed Values Added
Description The system Binder boundary accepts unverified pass-through AT commands, giving local applications the power to read baseband files or disable cellular connectivity.
Title Local Modem Manipulation via Binder Interfaces
Weaknesses CWE-22
References
Metrics cvssV4_0

{'score': 8.5, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}

Subscriptions

Acer Connect M6e 5g Connect M6e 5g Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: Acer

Published:

Updated: 2026-06-04T12:22:56.007Z

Reserved: 2026-06-04T01:29:10.111Z

Link: CVE-2026-50207

cve-icon Vulnrichment

Updated: 2026-06-04T12:22:51.317Z

cve-icon NVD

Status : Analyzed

Published: 2026-06-04T09:16:29.137

Modified: 2026-06-04T19:15:31.460

Link: CVE-2026-50207

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-04T09:30:10Z

Weaknesses