CVE-2022-30426 (GCVE-0-2022-30426)

Vulnerability from cvelistv5 – Published: 2022-09-22 23:06 – Updated: 2025-05-27 16:05
VLAI?
Summary
There is a stack buffer overflow vulnerability, which could lead to arbitrary code execution in UEFI DXE driver on some Acer products. An attack could exploit this vulnerability to escalate privilege from ring 3 to ring 0, and hijack control flow during UEFI DXE execution. This affects Altos T110 F3 firmware version <= P13 (latest) and AP130 F2 firmware version <= P04 (latest) and Aspire 1600X firmware version <= P11.A3L (latest) and Aspire 1602M firmware version <= P11.A3L (latest) and Aspire 7600U firmware version <= P11.A4 (latest) and Aspire MC605 firmware version <= P11.A4L (latest) and Aspire TC-105 firmware version <= P12.B0L (latest) and Aspire TC-120 firmware version <= P11-A4 (latest) and Aspire U5-620 firmware version <= P11.A1 (latest) and Aspire X1935 firmware version <= P11.A3L (latest) and Aspire X3475 firmware version <= P11.A3L (latest) and Aspire X3995 firmware version <= P11.A3L (latest) and Aspire XC100 firmware version <= P11.B3 (latest) and Aspire XC600 firmware version <= P11.A4 (latest) and Aspire Z3-615 firmware version <= P11.A2L (latest) and Veriton E430G firmware version <= P21.A1 (latest) and Veriton B630_49 firmware version <= AAP02SR (latest) and Veriton E430 firmware version <= P11.A4 (latest) and Veriton M2110G firmware version <= P21.A3 (latest) and Veriton M2120G fir.
Severity ?
7.8 (High)
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CWE
  • n/a
Assigner
References
Show details on NVD website
To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-03T06:48:36.176Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://acer.com"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "http://altos.com"
          },
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://github.com/10TG/vulnerabilities/blob/main/Acer/CVE-2022-30426/CVE-2022-30426.md"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "LOCAL",
              "availabilityImpact": "HIGH",
              "baseScore": 7.8,
              "baseSeverity": "HIGH",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "LOW",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2022-30426",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-05-27T16:05:03.668341Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-787",
                "description": "CWE-787 Out-of-bounds Write",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-05-27T16:05:10.117Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "There is a stack buffer overflow vulnerability, which could lead to arbitrary code execution in UEFI DXE driver on some Acer products. An attack could exploit this vulnerability to escalate privilege from ring 3 to ring 0, and hijack control flow during UEFI DXE execution. This affects Altos T110 F3 firmware version \u003c= P13 (latest) and AP130 F2 firmware version \u003c= P04 (latest) and Aspire 1600X firmware version \u003c= P11.A3L (latest) and Aspire 1602M firmware version \u003c= P11.A3L (latest) and Aspire 7600U firmware version \u003c= P11.A4 (latest) and Aspire MC605 firmware version \u003c= P11.A4L (latest) and Aspire TC-105 firmware version \u003c= P12.B0L (latest) and Aspire TC-120 firmware version \u003c= P11-A4 (latest) and Aspire U5-620 firmware version \u003c= P11.A1 (latest) and Aspire X1935 firmware version \u003c= P11.A3L (latest) and Aspire X3475 firmware version \u003c= P11.A3L (latest) and Aspire X3995 firmware version \u003c= P11.A3L (latest) and Aspire XC100 firmware version \u003c= P11.B3 (latest) and Aspire XC600 firmware version \u003c= P11.A4 (latest) and Aspire Z3-615 firmware version \u003c= P11.A2L (latest) and Veriton E430G firmware version \u003c= P21.A1 (latest) and Veriton B630_49 firmware version \u003c= AAP02SR (latest) and Veriton E430 firmware version \u003c= P11.A4 (latest) and Veriton M2110G firmware version \u003c= P21.A3 (latest) and Veriton M2120G fir."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-09-22T23:06:15.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://acer.com"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "http://altos.com"
        },
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://github.com/10TG/vulnerabilities/blob/main/Acer/CVE-2022-30426/CVE-2022-30426.md"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2022-30426",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "There is a stack buffer overflow vulnerability, which could lead to arbitrary code execution in UEFI DXE driver on some Acer products. An attack could exploit this vulnerability to escalate privilege from ring 3 to ring 0, and hijack control flow during UEFI DXE execution. This affects Altos T110 F3 firmware version \u003c= P13 (latest) and AP130 F2 firmware version \u003c= P04 (latest) and Aspire 1600X firmware version \u003c= P11.A3L (latest) and Aspire 1602M firmware version \u003c= P11.A3L (latest) and Aspire 7600U firmware version \u003c= P11.A4 (latest) and Aspire MC605 firmware version \u003c= P11.A4L (latest) and Aspire TC-105 firmware version \u003c= P12.B0L (latest) and Aspire TC-120 firmware version \u003c= P11-A4 (latest) and Aspire U5-620 firmware version \u003c= P11.A1 (latest) and Aspire X1935 firmware version \u003c= P11.A3L (latest) and Aspire X3475 firmware version \u003c= P11.A3L (latest) and Aspire X3995 firmware version \u003c= P11.A3L (latest) and Aspire XC100 firmware version \u003c= P11.B3 (latest) and Aspire XC600 firmware version \u003c= P11.A4 (latest) and Aspire Z3-615 firmware version \u003c= P11.A2L (latest) and Veriton E430G firmware version \u003c= P21.A1 (latest) and Veriton B630_49 firmware version \u003c= AAP02SR (latest) and Veriton E430 firmware version \u003c= P11.A4 (latest) and Veriton M2110G firmware version \u003c= P21.A3 (latest) and Veriton M2120G fir."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://acer.com",
              "refsource": "MISC",
              "url": "http://acer.com"
            },
            {
              "name": "http://altos.com",
              "refsource": "MISC",
              "url": "http://altos.com"
            },
            {
              "name": "https://github.com/10TG/vulnerabilities/blob/main/Acer/CVE-2022-30426/CVE-2022-30426.md",
              "refsource": "MISC",
              "url": "https://github.com/10TG/vulnerabilities/blob/main/Acer/CVE-2022-30426/CVE-2022-30426.md"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2022-30426",
    "datePublished": "2022-09-22T23:06:15.000Z",
    "dateReserved": "2022-05-09T00:00:00.000Z",
    "dateUpdated": "2025-05-27T16:05:10.117Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2022-30426",
      "date": "2026-04-25",
      "epss": "0.00095",
      "percentile": "0.26293"
    },
    "fkie_nvd": {
      "configurations": "[{\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:acer:altos_t110_f3_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"p13\", \"matchCriteriaId\": \"3B2791BB-A1C2-4121-B095-9E26506B9C51\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:acer:altos_t110_f3:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5192B7DC-EDF8-438E-A3F4-8141124A894C\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:acer:ap130_f2_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"p04\", \"matchCriteriaId\": \"6A2A45A3-5B4F-47D2-8EC3-49DD183AA182\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:acer:ap130_f2:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7F9D4FC0-0F81-4F53-BA5D-30E4941C3EB4\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:acer:aspire_1600x_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"p11.a3l\", \"matchCriteriaId\": \"B80DDBC5-581F-442F-8656-BD9CB1F1CE38\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:acer:aspire_1600x:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8BED3067-CAC9-4705-9E9A-7960B29923AC\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:acer:aspire_1602m_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"p11.a3l\", \"matchCriteriaId\": \"02B51526-8A53-444C-803B-C9C7A925DD8C\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:acer:aspire_1602m:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D615C9B3-0F1A-4DEA-97EC-82D38EAD64DF\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:acer:aspire_7600u_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"p11.a4\", \"matchCriteriaId\": \"E1BD824E-31EF-4CB0-9545-485A8A8C71A5\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:acer:aspire_7600u:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"7DF2DACF-5EE4-43E9-8AA6-C06EE2AF3386\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:acer:aspire_mc605_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"p11.a4l\", \"matchCriteriaId\": \"56ADF471-DC77-4280-8DEB-888D33AC8D4B\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:acer:aspire_mc605:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B4BF06C4-D5B0-44C1-8B5F-9752D6B96EC6\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:acer:aspire_tc-105_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"p12.b0l\", \"matchCriteriaId\": \"44AB957C-37C7-4318-AE58-6068FA3CFB20\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:acer:aspire_tc-105:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1AB402BB-37AB-45CB-B46F-9F1B30CCBF3E\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:acer:aspire_tc-120_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"p11-a4\", \"matchCriteriaId\": \"36F88B4D-92BF-4F72-B263-22A755E64976\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:acer:aspire_tc-120:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"63853105-572F-4A6A-9EAF-BABD865669BB\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:acer:aspire_u5-620_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"p11.a1\", \"matchCriteriaId\": \"CB661FEE-48E5-4715-B24F-97CEC4FE10D6\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:acer:aspire_u5-620:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3495EC6F-F427-4C8C-8060-07EC25EF0B2E\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:acer:aspire_x1935_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"p11.a3l\", \"matchCriteriaId\": \"CEE0D973-F42D-400B-90A4-344E8718B700\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:acer:aspire_x1935:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"057EAAC2-B41D-4129-90E1-40E503956314\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:acer:aspire_x3475_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"p11.a3l\", \"matchCriteriaId\": \"A52714FA-63D2-4737-903A-DB5D005AF6D0\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:acer:aspire_x3475:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CA0D813C-8185-4684-920A-FA0DE59E8372\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:acer:aspire_x3995_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"p11.a3l\", \"matchCriteriaId\": \"24028FEA-A178-4E9A-AF22-B3DDFF395B94\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:acer:aspire_x3995:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4B67ECCB-7A82-4C8E-82DD-94454C0250DF\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:acer:aspire_xc100_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"p11.b3\", \"matchCriteriaId\": \"2A4D90E6-997B-464B-9583-73ADAB1A59C1\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:acer:aspire_xc100:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3A675A48-D67D-45EF-9536-1AC1CD625AC3\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:acer:aspire_xc600_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"p11.a4\", \"matchCriteriaId\": \"825F42E9-78D0-46B3-8A15-8256AA6D7921\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:acer:aspire_xc600:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8A1080F0-A741-4D3E-8BD5-23418EDFAABE\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:acer:aspire_z3-615_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"p11.a2l\", \"matchCriteriaId\": \"147C6EBF-B966-44FA-BE98-47B62C4B2C3C\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:acer:aspire_z3-615:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8941F8FF-B1FB-43D3-BD51-EF975FCDEA5C\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:acer:veriton_b630_49_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"aap02sr\", \"matchCriteriaId\": \"9F671E74-9ECA-4128-8651-6531DF8943C7\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:acer:veriton_b630_49:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"BFF5700B-A1B1-478C-9D46-7BB03B02A33A\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:acer:veriton_e430g_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"p21.a1\", \"matchCriteriaId\": \"5569439E-70BE-4292-923B-36CFB243157F\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:acer:veriton_e430g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"80AFD3EE-BD0E-4305-A614-49A9EBDE8DFE\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:acer:veriton_e430_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"p11.a4\", \"matchCriteriaId\": \"3DF01945-D1B8-46FB-ADB1-E6961CD62304\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:acer:veriton_e430:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"72D7420D-B331-4CED-B3CB-FCFE89A0AD2B\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:acer:veriton_m2110g_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"p21.a3\", \"matchCriteriaId\": \"27DCBE2B-2144-4B3A-B8BE-D20524E9D480\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:acer:veriton_m2110g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B926D324-52A0-4154-BFD1-828A86E14E71\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:acer:veriton_m2120g_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"p11-a3\", \"matchCriteriaId\": \"D3FC4021-CE28-4345-9E29-0FC021043D5A\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:acer:veriton_m2120g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"CA330154-46D5-48F9-BC38-3F32398E9B66\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:acer:veriton_m2611g_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"p11-b0l\", \"matchCriteriaId\": \"B0EB70DA-B093-4413-958D-EAB4287B2B03\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:acer:veriton_m2611g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B9F018AD-3FAC-4640-AF1B-0E152C11C9DA\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:acer:veriton_m2611_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"p11.b0\", \"matchCriteriaId\": \"05BB96E6-2E46-4AA8-B85B-BC081A20AC09\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:acer:veriton_m2611:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"59F23A15-D272-4F2B-86DF-C33CD3E75FB1\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:acer:veriton_m4620_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"p21.a3\", \"matchCriteriaId\": \"0923E59D-3416-412C-B860-D3E627026DB7\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:acer:veriton_m4620:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9E820FD3-6104-4E48-8A11-EE9C5DC1988C\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:acer:veriton_m4620g_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"p21.a3\", \"matchCriteriaId\": \"FD6940E0-06D8-406F-8CAB-EBEFF61395E9\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:acer:veriton_m4620g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"3410E262-1FC3-4913-8A63-3A4058B0A895\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:acer:veriton_m6620g_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"p21.a0\", \"matchCriteriaId\": \"6516D45E-ED3C-45D4-A26B-B9B6EE57ABA9\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:acer:veriton_m6620g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"1257B81A-F0C9-4E3C-9058-1BA99412B54D\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:acer:veriton_n2620g_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"p21.b0\", \"matchCriteriaId\": \"563037E2-10B9-41A5-A960-8C2DCBA1910B\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:acer:veriton_n2620g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"EFABCD4B-3BB7-440B-AAA9-3DD867EA631B\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:acer:veriton_n4620g_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"p11.a2l\", \"matchCriteriaId\": \"280227DB-8784-4A6E-96A2-06326D3A2B71\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:acer:veriton_n4620g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"36A00E5B-1887-407F-BDAE-268DB0F8CAA1\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:acer:veriton_n4630g_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"p21.b0\", \"matchCriteriaId\": \"4B70CE5F-2E47-4E0F-8915-B090D01EA6C6\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:acer:veriton_n4630g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F56E9648-5D73-41F4-A8AA-B1EFD6F3A290\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:acer:veriton_s6620g_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"p11.a1\", \"matchCriteriaId\": \"F174F4D1-0A29-4920-93A6-9FB0B15F4834\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:acer:veriton_s6620g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"B1812657-8B66-4B5F-B919-EA8D7096EBFF\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:acer:veriton_x2611g_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"p11.a4\", \"matchCriteriaId\": \"270A755C-AB19-4861-A124-05845EC32EC3\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:acer:veriton_x2611g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"5B81F010-F6D6-458F-8618-CF2AE99CA20F\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:acer:veriton_x2611_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"p11.a4\", \"matchCriteriaId\": \"634D7E54-8EDE-4C96-9397-14423609E65F\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:acer:veriton_x2611:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4B7FE60D-E18E-4848-AB0C-34FD48EA8206\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:acer:veriton_x4620g_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"p11.a3\", \"matchCriteriaId\": \"BAB09332-C738-4705-B87A-28335833F4B0\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:acer:veriton_x4620g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"D8DA37FE-1185-49E2-AF47-C9FABAF7BEA5\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:acer:veriton_x6620g_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"p11.a3\", \"matchCriteriaId\": \"2ADD04E1-905C-4EFF-996A-DE40126DE812\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:acer:veriton_x6620g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9CE7F361-623E-4402-877A-0AAE4B3A2C9E\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:acer:veriton_z2650g_firmware:*:*:*:*:*:*:*:*\", \"versionEndExcluding\": \"p21.a1\", \"matchCriteriaId\": \"B0F99D10-818F-41C8-AA2E-A234494FD87F\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:h:acer:veriton_z2650g:-:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"8ADA6657-4BE8-47C7-B9AF-2ACD532D3EC3\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"There is a stack buffer overflow vulnerability, which could lead to arbitrary code execution in UEFI DXE driver on some Acer products. An attack could exploit this vulnerability to escalate privilege from ring 3 to ring 0, and hijack control flow during UEFI DXE execution. This affects Altos T110 F3 firmware version \u003c= P13 (latest) and AP130 F2 firmware version \u003c= P04 (latest) and Aspire 1600X firmware version \u003c= P11.A3L (latest) and Aspire 1602M firmware version \u003c= P11.A3L (latest) and Aspire 7600U firmware version \u003c= P11.A4 (latest) and Aspire MC605 firmware version \u003c= P11.A4L (latest) and Aspire TC-105 firmware version \u003c= P12.B0L (latest) and Aspire TC-120 firmware version \u003c= P11-A4 (latest) and Aspire U5-620 firmware version \u003c= P11.A1 (latest) and Aspire X1935 firmware version \u003c= P11.A3L (latest) and Aspire X3475 firmware version \u003c= P11.A3L (latest) and Aspire X3995 firmware version \u003c= P11.A3L (latest) and Aspire XC100 firmware version \u003c= P11.B3 (latest) and Aspire XC600 firmware version \u003c= P11.A4 (latest) and Aspire Z3-615 firmware version \u003c= P11.A2L (latest) and Veriton E430G firmware version \u003c= P21.A1 (latest) and Veriton B630_49 firmware version \u003c= AAP02SR (latest) and Veriton E430 firmware version \u003c= P11.A4 (latest) and Veriton M2110G firmware version \u003c= P21.A3 (latest) and Veriton M2120G fir.\"}, {\"lang\": \"es\", \"value\": \"Se presenta una vulnerabilidad de desbordamiento del b\\u00fafer de la pila, que podr\\u00eda conllevar a una ejecuci\\u00f3n de c\\u00f3digo arbitrario en el controlador UEFI DXE de algunos productos Acer. Un ataque podr\\u00eda explotar esta vulnerabilidad para escalar el privilegio del anillo 3 al anillo 0, y secuestrar el flujo de control durante la ejecuci\\u00f3n de UEFI DXE. Esto afecta a versiones de firmware Altos T110 F3 versiones anteriores a P13 incluy\\u00e9ndola (m\\u00e1s reciente) y AP130 F2 versiones anteriores a P04 incluy\\u00e9ndola (m\\u00e1s reciente) y Aspire 1600X versiones anteriores a P11.A3L incluy\\u00e9ndola (m\\u00e1s reciente) y Aspire 1602M versiones anteriores a P11.A3L incluy\\u00e9ndola (m\\u00e1s reciente) y Aspire 7600U versiones anteriores a P11. A4 incluy\\u00e9ndola (m\\u00e1s reciente) y Aspire MC605 versiones de firmware anteriores a P11.A4L incluy\\u00e9ndola (m\\u00e1s reciente) y Aspire TC-105 versiones de firmware anteriores a P12.B0L incluy\\u00e9ndola (m\\u00e1s reciente) y Aspire TC-120 versiones de firmware anteriores a P11-A4 incluy\\u00e9ndola (m\\u00e1s reciente) y Aspire U5-620 versiones de firmware anteriores a P11.A1 incluy\\u00e9ndola (m\\u00e1s reciente) y Aspire X1935 versiones de firmware anteriores a P11. A3L incluy\\u00e9ndola (m\\u00e1s reciente) y Aspire X3475 versiones de firmware anteriores a P11.A3L incluy\\u00e9ndola (m\\u00e1s reciente) y Aspire X3995 versiones de firmware anteriores a P11.A3L incluy\\u00e9ndola (m\\u00e1s reciente) y Aspire XC100 versiones de firmware anteriores a P11.B3 incluy\\u00e9ndola (m\\u00e1s reciente) y Aspire XC600 versiones de firmware anteriores a P11.A4 incluy\\u00e9ndola (m\\u00e1s reciente) y Aspire Z3-615 versiones de firmware anteriores a P11. A2L incluy\\u00e9ndola (m\\u00e1s reciente) y Veriton E430G versiones de firmware anteriores a P21.A1 incluy\\u00e9ndola (m\\u00e1s reciente) y Veriton B630_49 versiones de firmware anteriores a AAP02SR incluy\\u00e9ndola (m\\u00e1s reciente) y Veriton E430 versiones de firmware anteriores a P11.A4 incluy\\u00e9ndola (m\\u00e1s reciente) y Veriton M2110G versiones de firmware anteriores a P21.A3 incluy\\u00e9ndola (m\\u00e1s reciente) y Veriton M2120G fir.\"}]",
      "id": "CVE-2022-30426",
      "lastModified": "2024-11-21T07:02:45.033",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.8, \"impactScore\": 5.9}]}",
      "published": "2022-09-23T00:15:09.747",
      "references": "[{\"url\": \"http://acer.com\", \"source\": \"cve@mitre.org\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://altos.com\", \"source\": \"cve@mitre.org\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://github.com/10TG/vulnerabilities/blob/main/Acer/CVE-2022-30426/CVE-2022-30426.md\", \"source\": \"cve@mitre.org\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}, {\"url\": \"http://acer.com\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Vendor Advisory\"]}, {\"url\": \"http://altos.com\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}, {\"url\": \"https://github.com/10TG/vulnerabilities/blob/main/Acer/CVE-2022-30426/CVE-2022-30426.md\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Exploit\", \"Third Party Advisory\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-787\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2022-30426\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2022-09-23T00:15:09.747\",\"lastModified\":\"2025-05-27T16:15:22.863\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"There is a stack buffer overflow vulnerability, which could lead to arbitrary code execution in UEFI DXE driver on some Acer products. An attack could exploit this vulnerability to escalate privilege from ring 3 to ring 0, and hijack control flow during UEFI DXE execution. This affects Altos T110 F3 firmware version \u003c= P13 (latest) and AP130 F2 firmware version \u003c= P04 (latest) and Aspire 1600X firmware version \u003c= P11.A3L (latest) and Aspire 1602M firmware version \u003c= P11.A3L (latest) and Aspire 7600U firmware version \u003c= P11.A4 (latest) and Aspire MC605 firmware version \u003c= P11.A4L (latest) and Aspire TC-105 firmware version \u003c= P12.B0L (latest) and Aspire TC-120 firmware version \u003c= P11-A4 (latest) and Aspire U5-620 firmware version \u003c= P11.A1 (latest) and Aspire X1935 firmware version \u003c= P11.A3L (latest) and Aspire X3475 firmware version \u003c= P11.A3L (latest) and Aspire X3995 firmware version \u003c= P11.A3L (latest) and Aspire XC100 firmware version \u003c= P11.B3 (latest) and Aspire XC600 firmware version \u003c= P11.A4 (latest) and Aspire Z3-615 firmware version \u003c= P11.A2L (latest) and Veriton E430G firmware version \u003c= P21.A1 (latest) and Veriton B630_49 firmware version \u003c= AAP02SR (latest) and Veriton E430 firmware version \u003c= P11.A4 (latest) and Veriton M2110G firmware version \u003c= P21.A3 (latest) and Veriton M2120G fir.\"},{\"lang\":\"es\",\"value\":\"Se presenta una vulnerabilidad de desbordamiento del b\u00fafer de la pila, que podr\u00eda conllevar a una ejecuci\u00f3n de c\u00f3digo arbitrario en el controlador UEFI DXE de algunos productos Acer. Un ataque podr\u00eda explotar esta vulnerabilidad para escalar el privilegio del anillo 3 al anillo 0, y secuestrar el flujo de control durante la ejecuci\u00f3n de UEFI DXE. Esto afecta a versiones de firmware Altos T110 F3 versiones anteriores a P13 incluy\u00e9ndola (m\u00e1s reciente) y AP130 F2 versiones anteriores a P04 incluy\u00e9ndola (m\u00e1s reciente) y Aspire 1600X versiones anteriores a P11.A3L incluy\u00e9ndola (m\u00e1s reciente) y Aspire 1602M versiones anteriores a P11.A3L incluy\u00e9ndola (m\u00e1s reciente) y Aspire 7600U versiones anteriores a P11. A4 incluy\u00e9ndola (m\u00e1s reciente) y Aspire MC605 versiones de firmware anteriores a P11.A4L incluy\u00e9ndola (m\u00e1s reciente) y Aspire TC-105 versiones de firmware anteriores a P12.B0L incluy\u00e9ndola (m\u00e1s reciente) y Aspire TC-120 versiones de firmware anteriores a P11-A4 incluy\u00e9ndola (m\u00e1s reciente) y Aspire U5-620 versiones de firmware anteriores a P11.A1 incluy\u00e9ndola (m\u00e1s reciente) y Aspire X1935 versiones de firmware anteriores a P11. A3L incluy\u00e9ndola (m\u00e1s reciente) y Aspire X3475 versiones de firmware anteriores a P11.A3L incluy\u00e9ndola (m\u00e1s reciente) y Aspire X3995 versiones de firmware anteriores a P11.A3L incluy\u00e9ndola (m\u00e1s reciente) y Aspire XC100 versiones de firmware anteriores a P11.B3 incluy\u00e9ndola (m\u00e1s reciente) y Aspire XC600 versiones de firmware anteriores a P11.A4 incluy\u00e9ndola (m\u00e1s reciente) y Aspire Z3-615 versiones de firmware anteriores a P11. A2L incluy\u00e9ndola (m\u00e1s reciente) y Veriton E430G versiones de firmware anteriores a P21.A1 incluy\u00e9ndola (m\u00e1s reciente) y Veriton B630_49 versiones de firmware anteriores a AAP02SR incluy\u00e9ndola (m\u00e1s reciente) y Veriton E430 versiones de firmware anteriores a P11.A4 incluy\u00e9ndola (m\u00e1s reciente) y Veriton M2110G versiones de firmware anteriores a P21.A3 incluy\u00e9ndola (m\u00e1s reciente) y Veriton M2120G fir.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:acer:altos_t110_f3_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"p13\",\"matchCriteriaId\":\"3B2791BB-A1C2-4121-B095-9E26506B9C51\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:acer:altos_t110_f3:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5192B7DC-EDF8-438E-A3F4-8141124A894C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:acer:ap130_f2_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"p04\",\"matchCriteriaId\":\"6A2A45A3-5B4F-47D2-8EC3-49DD183AA182\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:acer:ap130_f2:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7F9D4FC0-0F81-4F53-BA5D-30E4941C3EB4\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:acer:aspire_1600x_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"p11.a3l\",\"matchCriteriaId\":\"B80DDBC5-581F-442F-8656-BD9CB1F1CE38\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:acer:aspire_1600x:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8BED3067-CAC9-4705-9E9A-7960B29923AC\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:acer:aspire_1602m_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"p11.a3l\",\"matchCriteriaId\":\"02B51526-8A53-444C-803B-C9C7A925DD8C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:acer:aspire_1602m:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D615C9B3-0F1A-4DEA-97EC-82D38EAD64DF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:acer:aspire_7600u_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"p11.a4\",\"matchCriteriaId\":\"E1BD824E-31EF-4CB0-9545-485A8A8C71A5\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:acer:aspire_7600u:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7DF2DACF-5EE4-43E9-8AA6-C06EE2AF3386\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:acer:aspire_mc605_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"p11.a4l\",\"matchCriteriaId\":\"56ADF471-DC77-4280-8DEB-888D33AC8D4B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:acer:aspire_mc605:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B4BF06C4-D5B0-44C1-8B5F-9752D6B96EC6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:acer:aspire_tc-105_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"p12.b0l\",\"matchCriteriaId\":\"44AB957C-37C7-4318-AE58-6068FA3CFB20\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:acer:aspire_tc-105:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1AB402BB-37AB-45CB-B46F-9F1B30CCBF3E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:acer:aspire_tc-120_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"p11-a4\",\"matchCriteriaId\":\"36F88B4D-92BF-4F72-B263-22A755E64976\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:acer:aspire_tc-120:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"63853105-572F-4A6A-9EAF-BABD865669BB\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:acer:aspire_u5-620_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"p11.a1\",\"matchCriteriaId\":\"CB661FEE-48E5-4715-B24F-97CEC4FE10D6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:acer:aspire_u5-620:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3495EC6F-F427-4C8C-8060-07EC25EF0B2E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:acer:aspire_x1935_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"p11.a3l\",\"matchCriteriaId\":\"CEE0D973-F42D-400B-90A4-344E8718B700\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:acer:aspire_x1935:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"057EAAC2-B41D-4129-90E1-40E503956314\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:acer:aspire_x3475_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"p11.a3l\",\"matchCriteriaId\":\"A52714FA-63D2-4737-903A-DB5D005AF6D0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:acer:aspire_x3475:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA0D813C-8185-4684-920A-FA0DE59E8372\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:acer:aspire_x3995_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"p11.a3l\",\"matchCriteriaId\":\"24028FEA-A178-4E9A-AF22-B3DDFF395B94\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:acer:aspire_x3995:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B67ECCB-7A82-4C8E-82DD-94454C0250DF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:acer:aspire_xc100_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"p11.b3\",\"matchCriteriaId\":\"2A4D90E6-997B-464B-9583-73ADAB1A59C1\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:acer:aspire_xc100:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3A675A48-D67D-45EF-9536-1AC1CD625AC3\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:acer:aspire_xc600_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"p11.a4\",\"matchCriteriaId\":\"825F42E9-78D0-46B3-8A15-8256AA6D7921\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:acer:aspire_xc600:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8A1080F0-A741-4D3E-8BD5-23418EDFAABE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:acer:aspire_z3-615_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"p11.a2l\",\"matchCriteriaId\":\"147C6EBF-B966-44FA-BE98-47B62C4B2C3C\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:acer:aspire_z3-615:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8941F8FF-B1FB-43D3-BD51-EF975FCDEA5C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:acer:veriton_b630_49_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"aap02sr\",\"matchCriteriaId\":\"9F671E74-9ECA-4128-8651-6531DF8943C7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:acer:veriton_b630_49:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"BFF5700B-A1B1-478C-9D46-7BB03B02A33A\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:acer:veriton_e430g_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"p21.a1\",\"matchCriteriaId\":\"5569439E-70BE-4292-923B-36CFB243157F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:acer:veriton_e430g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"80AFD3EE-BD0E-4305-A614-49A9EBDE8DFE\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:acer:veriton_e430_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"p11.a4\",\"matchCriteriaId\":\"3DF01945-D1B8-46FB-ADB1-E6961CD62304\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:acer:veriton_e430:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"72D7420D-B331-4CED-B3CB-FCFE89A0AD2B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:acer:veriton_m2110g_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"p21.a3\",\"matchCriteriaId\":\"27DCBE2B-2144-4B3A-B8BE-D20524E9D480\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:acer:veriton_m2110g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B926D324-52A0-4154-BFD1-828A86E14E71\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:acer:veriton_m2120g_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"p11-a3\",\"matchCriteriaId\":\"D3FC4021-CE28-4345-9E29-0FC021043D5A\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:acer:veriton_m2120g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CA330154-46D5-48F9-BC38-3F32398E9B66\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:acer:veriton_m2611g_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"p11-b0l\",\"matchCriteriaId\":\"B0EB70DA-B093-4413-958D-EAB4287B2B03\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:acer:veriton_m2611g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9F018AD-3FAC-4640-AF1B-0E152C11C9DA\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:acer:veriton_m2611_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"p11.b0\",\"matchCriteriaId\":\"05BB96E6-2E46-4AA8-B85B-BC081A20AC09\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:acer:veriton_m2611:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"59F23A15-D272-4F2B-86DF-C33CD3E75FB1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:acer:veriton_m4620_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"p21.a3\",\"matchCriteriaId\":\"0923E59D-3416-412C-B860-D3E627026DB7\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:acer:veriton_m4620:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9E820FD3-6104-4E48-8A11-EE9C5DC1988C\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:acer:veriton_m4620g_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"p21.a3\",\"matchCriteriaId\":\"FD6940E0-06D8-406F-8CAB-EBEFF61395E9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:acer:veriton_m4620g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3410E262-1FC3-4913-8A63-3A4058B0A895\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:acer:veriton_m6620g_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"p21.a0\",\"matchCriteriaId\":\"6516D45E-ED3C-45D4-A26B-B9B6EE57ABA9\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:acer:veriton_m6620g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"1257B81A-F0C9-4E3C-9058-1BA99412B54D\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:acer:veriton_n2620g_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"p21.b0\",\"matchCriteriaId\":\"563037E2-10B9-41A5-A960-8C2DCBA1910B\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:acer:veriton_n2620g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EFABCD4B-3BB7-440B-AAA9-3DD867EA631B\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:acer:veriton_n4620g_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"p11.a2l\",\"matchCriteriaId\":\"280227DB-8784-4A6E-96A2-06326D3A2B71\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:acer:veriton_n4620g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"36A00E5B-1887-407F-BDAE-268DB0F8CAA1\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:acer:veriton_n4630g_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"p21.b0\",\"matchCriteriaId\":\"4B70CE5F-2E47-4E0F-8915-B090D01EA6C6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:acer:veriton_n4630g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F56E9648-5D73-41F4-A8AA-B1EFD6F3A290\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:acer:veriton_s6620g_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"p11.a1\",\"matchCriteriaId\":\"F174F4D1-0A29-4920-93A6-9FB0B15F4834\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:acer:veriton_s6620g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B1812657-8B66-4B5F-B919-EA8D7096EBFF\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:acer:veriton_x2611g_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"p11.a4\",\"matchCriteriaId\":\"270A755C-AB19-4861-A124-05845EC32EC3\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:acer:veriton_x2611g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5B81F010-F6D6-458F-8618-CF2AE99CA20F\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:acer:veriton_x2611_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"p11.a4\",\"matchCriteriaId\":\"634D7E54-8EDE-4C96-9397-14423609E65F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:acer:veriton_x2611:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4B7FE60D-E18E-4848-AB0C-34FD48EA8206\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:acer:veriton_x4620g_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"p11.a3\",\"matchCriteriaId\":\"BAB09332-C738-4705-B87A-28335833F4B0\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:acer:veriton_x4620g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D8DA37FE-1185-49E2-AF47-C9FABAF7BEA5\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:acer:veriton_x6620g_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"p11.a3\",\"matchCriteriaId\":\"2ADD04E1-905C-4EFF-996A-DE40126DE812\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:acer:veriton_x6620g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9CE7F361-623E-4402-877A-0AAE4B3A2C9E\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:acer:veriton_z2650g_firmware:*:*:*:*:*:*:*:*\",\"versionEndExcluding\":\"p21.a1\",\"matchCriteriaId\":\"B0F99D10-818F-41C8-AA2E-A234494FD87F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:h:acer:veriton_z2650g:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8ADA6657-4BE8-47C7-B9AF-2ACD532D3EC3\"}]}]}],\"references\":[{\"url\":\"http://acer.com\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://altos.com\",\"source\":\"cve@mitre.org\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://github.com/10TG/vulnerabilities/blob/main/Acer/CVE-2022-30426/CVE-2022-30426.md\",\"source\":\"cve@mitre.org\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"http://acer.com\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://altos.com\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]},{\"url\":\"https://github.com/10TG/vulnerabilities/blob/main/Acer/CVE-2022-30426/CVE-2022-30426.md\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}",
    "vulnrichment": {
      "containers": "{\"cna\": {\"affected\": [{\"product\": \"n/a\", \"vendor\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"There is a stack buffer overflow vulnerability, which could lead to arbitrary code execution in UEFI DXE driver on some Acer products. An attack could exploit this vulnerability to escalate privilege from ring 3 to ring 0, and hijack control flow during UEFI DXE execution. This affects Altos T110 F3 firmware version \u003c= P13 (latest) and AP130 F2 firmware version \u003c= P04 (latest) and Aspire 1600X firmware version \u003c= P11.A3L (latest) and Aspire 1602M firmware version \u003c= P11.A3L (latest) and Aspire 7600U firmware version \u003c= P11.A4 (latest) and Aspire MC605 firmware version \u003c= P11.A4L (latest) and Aspire TC-105 firmware version \u003c= P12.B0L (latest) and Aspire TC-120 firmware version \u003c= P11-A4 (latest) and Aspire U5-620 firmware version \u003c= P11.A1 (latest) and Aspire X1935 firmware version \u003c= P11.A3L (latest) and Aspire X3475 firmware version \u003c= P11.A3L (latest) and Aspire X3995 firmware version \u003c= P11.A3L (latest) and Aspire XC100 firmware version \u003c= P11.B3 (latest) and Aspire XC600 firmware version \u003c= P11.A4 (latest) and Aspire Z3-615 firmware version \u003c= P11.A2L (latest) and Veriton E430G firmware version \u003c= P21.A1 (latest) and Veriton B630_49 firmware version \u003c= AAP02SR (latest) and Veriton E430 firmware version \u003c= P11.A4 (latest) and Veriton M2110G firmware version \u003c= P21.A3 (latest) and Veriton M2120G fir.\"}], \"problemTypes\": [{\"descriptions\": [{\"description\": \"n/a\", \"lang\": \"en\", \"type\": \"text\"}]}], \"providerMetadata\": {\"dateUpdated\": \"2022-09-22T23:06:15.000Z\", \"orgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"shortName\": \"mitre\"}, \"references\": [{\"tags\": [\"x_refsource_MISC\"], \"url\": \"http://acer.com\"}, {\"tags\": [\"x_refsource_MISC\"], \"url\": \"http://altos.com\"}, {\"tags\": [\"x_refsource_MISC\"], \"url\": \"https://github.com/10TG/vulnerabilities/blob/main/Acer/CVE-2022-30426/CVE-2022-30426.md\"}], \"x_legacyV4Record\": {\"CVE_data_meta\": {\"ASSIGNER\": \"cve@mitre.org\", \"ID\": \"CVE-2022-30426\", \"STATE\": \"PUBLIC\"}, \"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"product_name\": \"n/a\", \"version\": {\"version_data\": [{\"version_value\": \"n/a\"}]}}]}, \"vendor_name\": \"n/a\"}]}}, \"data_format\": \"MITRE\", \"data_type\": \"CVE\", \"data_version\": \"4.0\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"There is a stack buffer overflow vulnerability, which could lead to arbitrary code execution in UEFI DXE driver on some Acer products. An attack could exploit this vulnerability to escalate privilege from ring 3 to ring 0, and hijack control flow during UEFI DXE execution. This affects Altos T110 F3 firmware version \u003c= P13 (latest) and AP130 F2 firmware version \u003c= P04 (latest) and Aspire 1600X firmware version \u003c= P11.A3L (latest) and Aspire 1602M firmware version \u003c= P11.A3L (latest) and Aspire 7600U firmware version \u003c= P11.A4 (latest) and Aspire MC605 firmware version \u003c= P11.A4L (latest) and Aspire TC-105 firmware version \u003c= P12.B0L (latest) and Aspire TC-120 firmware version \u003c= P11-A4 (latest) and Aspire U5-620 firmware version \u003c= P11.A1 (latest) and Aspire X1935 firmware version \u003c= P11.A3L (latest) and Aspire X3475 firmware version \u003c= P11.A3L (latest) and Aspire X3995 firmware version \u003c= P11.A3L (latest) and Aspire XC100 firmware version \u003c= P11.B3 (latest) and Aspire XC600 firmware version \u003c= P11.A4 (latest) and Aspire Z3-615 firmware version \u003c= P11.A2L (latest) and Veriton E430G firmware version \u003c= P21.A1 (latest) and Veriton B630_49 firmware version \u003c= AAP02SR (latest) and Veriton E430 firmware version \u003c= P11.A4 (latest) and Veriton M2110G firmware version \u003c= P21.A3 (latest) and Veriton M2120G fir.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"n/a\"}]}]}, \"references\": {\"reference_data\": [{\"name\": \"http://acer.com\", \"refsource\": \"MISC\", \"url\": \"http://acer.com\"}, {\"name\": \"http://altos.com\", \"refsource\": \"MISC\", \"url\": \"http://altos.com\"}, {\"name\": \"https://github.com/10TG/vulnerabilities/blob/main/Acer/CVE-2022-30426/CVE-2022-30426.md\", \"refsource\": \"MISC\", \"url\": \"https://github.com/10TG/vulnerabilities/blob/main/Acer/CVE-2022-30426/CVE-2022-30426.md\"}]}}}, \"adp\": [{\"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-03T06:48:36.176Z\"}, \"title\": \"CVE Program Container\", \"references\": [{\"tags\": [\"x_refsource_MISC\", \"x_transferred\"], \"url\": \"http://acer.com\"}, {\"tags\": [\"x_refsource_MISC\", \"x_transferred\"], \"url\": \"http://altos.com\"}, {\"tags\": [\"x_refsource_MISC\", \"x_transferred\"], \"url\": \"https://github.com/10TG/vulnerabilities/blob/main/Acer/CVE-2022-30426/CVE-2022-30426.md\"}]}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.8, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2022-30426\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-05-27T16:05:03.668341Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-787\", \"description\": \"CWE-787 Out-of-bounds Write\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-05-27T16:04:50.011Z\"}}]}",
      "cveMetadata": "{\"assignerOrgId\": \"8254265b-2729-46b6-b9e3-3dfca2d5bfca\", \"assignerShortName\": \"mitre\", \"cveId\": \"CVE-2022-30426\", \"datePublished\": \"2022-09-22T23:06:15.000Z\", \"dateReserved\": \"2022-05-09T00:00:00.000Z\", \"dateUpdated\": \"2025-05-27T16:05:10.117Z\", \"state\": \"PUBLISHED\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.