CVE 9.3 CRITICAL

MDM Server Registration Overriding_CVE-2026-50209

June 4, 2026 invoker category_cve

9.3 / 10

CRITICAL

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H

Description

Broadcast events allow malicious software to rewrite the device's default Mobile Device Management (MDM) endpoint address, shifting administrative ownership to an external attacker.

AI Analysis

A vulnerability in the MDM server registration process allows malicious software to override the default MDM endpoint address, potentially leading to administrative ownership being shifted to an external attacker.

Basic Information

ID CVE-2026-50209

Source Acer

Published Jun 4, 2026 at 07:17

Affected Product

Vendor Acer

Product Connect M6E 5G Portable WiFi Router

Version *

Affected Versions Acer Connect M6E 5G Portable WiFi Router *

CWE Classification

CWE-732

AI Assessment

AI Score 9.3 / 10

AI Severity Critical

Vendor Acer

Product Connect M6E 5G Portable WiFi Router

Version *

References

community.acer.com /en/kb/articles/19707

{
    "lastseen": "",
    "description": "Broadcast events allow malicious software to rewrite the device's default Mobile Device Management (MDM) endpoint address, shifting administrative ownership to an external attacker.",
    "published": "2026-06-04T07:17:54.018Z",
    "modified": "2026-06-04T07:17:54.018Z",
    "type": "cve",
    "title": "MDM Server Registration Overriding",
    "source": "Acer",
    "references": "https://community.acer.com/en/kb/articles/19707",
    "id": "CVE-2026-50209",
    "bulletinFamily": "",
    "cwe": [
        "CWE-732"
    ],
    "cvelist": null,
    "sourceData": "Acer Connect M6E 5G Portable WiFi Router *",
    "sourceHref": "",
    "cvss": {
        "score": 9.3,
        "severity": "CRITICAL",
        "vector": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Connect M6E 5G Portable WiFi Router",
    "version": "*",
    "vendor": "Acer",
    "ai_description": "A vulnerability in the MDM server registration process allows malicious software to override the default MDM endpoint address, potentially leading to administrative ownership being shifted to an external attacker.",
    "ai_severity": "Critical",
    "ai_vendor": "Acer",
    "ai_product": "Connect M6E 5G Portable WiFi Router",
    "ai_version": "*",
    "ai_score": 9.3
}

💭 Join the Security Discussion ❌ Cancel Reply