Cyber Resilience

CVE-2026-50211

High · Updated

Published: 04 June 2026

Modified: 17 June 2026
KEV Added
Patch
CVSS Score (v4): 8.8
CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:L/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score: 0.0029 (20.5th percentile)
Risk Priority: 55 (floored blend · peak EPSS)

Summary

CVE-2026-50211 is a high-severity Use of Externally-Controlled Format String (CWE-134) vulnerability in Acer Connect M6E 5G Firmware. Its CVSS base score is 8.8 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The CVE ranks at the 20.5th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.

Vulnerability details

Leftover engineering diagnostics and factory-level diagnostic software remain exposed on retail builds, giving malicious apps write privileges to internal NVRAM registers.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise Techniques (AI)

T1068 Exploitation for Privilege Escalation (Tactic: Privilege Escalation)
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Why these techniques?

Exposed diagnostics directly grant malicious apps elevated write access to NVRAM, enabling privilege escalation.

Confidence: MEDIUM · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-49186 · Same product: Acer Connect M6E 5G
CVE-2026-49185 · Same product: Acer Connect M6E 5G
CVE-2026-49190 · Same product: Acer Connect M6E 5G
CVE-2026-49194 · Same product: Acer Connect M6E 5G
CVE-2026-50207 · Same product: Acer Connect M6E 5G
CVE-2026-50208 · Same product: Acer Connect M6E 5G
CVE-2026-50209 · Same product: Acer Connect M6E 5G
CVE-2026-49189 · Same product: Acer Connect M6E 5G
CVE-2026-50212 · Same product: Acer Connect M6E 5G
CVE-2026-50214 · Same product: Acer Connect M6E 5G

Affected Assets

Vendor: acer
Product: connect m6e 5g firmware
Affected versions: ≤ m6e_ai_1.00.000019

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References