Skip to content

Acer Wave 7 Router: Critical Zero-Days Under Patch

Bottom line: Two critical zero-days in Acer Wave 7 routers demand immediate attention for NIS2-relevant network infrastructure.

Acer is working on patches for two critical zero-day vulnerabilities in its Wave 7 mesh routers. The security gaps potentially enable complete system compromise.

Acer has identified two maximum-severity vulnerabilities in the Wave 7 mesh router series that currently exist without publicly available patches. Both flaws allow unauthenticated attackers to completely take over the device and compromise the network infrastructure.

For CISOs, this is relevant because mesh routers often function as central network access points in enterprise environments or remote office setups. Successful exploitation of these zero-days could serve as a beachhead for deeper network penetration and thus directly fall under NIS2 requirements for system hardening and vulnerability management.

Acer confirms active work on patches. Until patches become available, organisations should isolate Wave 7 routers with this critical flaw from non-production environments or replace them with alternative systems where possible. Further details on CVE numbers or exploit details are pending.


Source: www.bleepingcomputer.com · Published 3 June 2026
Lumi AI News — AI-assisted curation pursuant to Article 50 EU AI Act. Paraphrasing and classification via Lumi News Pipeline v1.2.9.

Share on: