← Back to CVE feed
CVE-2026-49203
Description
Crucial management API endpoints for cellular eSIM allocation do not validate caller authorization, allowing remote profiles to be rewritten or deleted.
CVSS Vector
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:HAffected Products
acer/connect_m6e_5g
acer/connect_m6e_5g_firmware