A severe security vulnerability has been discovered in the Acer Control Center software, which could allow attackers to execute arbitrary code with system-level privileges. The vulnerability, identified in the ACCSvc.exe process, involves misconfigured Windows Named Pipe permissions that enable unauthenticated remote users to exploit the service’s features. Security researcher Leon Jacobs from Orange Cyber Defense reported this critical flaw, which has been addressed in the latest software update released by Acer on May 15, 2025.

‍