8.7
CVE-2026-49193
- EPSS 0.25%
- Veröffentlicht 04.06.2026 06:17:07
- Zuletzt bearbeitet 04.06.2026 19:38:59
- Quelle 8fc372e3-d9c5-46e4-9410-384697
- CVE-Watchlists
- Unerledigt
Publicly Readable AWS S3 Telemetry Buckets
Overly permissive configuration settings on cloud storage containers expose active telemetry information publicly to the internet.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Acer ≫ Connect M6e 5g Firmware Version <= m6e_ai_1.00.000019
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.25% | 0.154 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.5 | 3.9 | 3.6 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
| 8fc372e3-d9c5-46e4-9410-38469745c639 | 8.7 | 0 | 0 |
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
|
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.
https://community.acer.com/en/kb/articles/19707