CVE-2026-40004
MEDIUMZTE uSmartView openssl.cnf - Local Privilege Escalation
Title source: manualDescription
There exists an openssl.cnf privilege escalation vulnerability in ZTE Cloud PC client uSmartview. An attacker can execute arbitrary code locally and escalate privileges.
References (1)
Core 1
Scores
CVSS v3
5.5
EPSS
0.0014
EPSS Percentile
3.5%
Attack Vector
PHYSICAL
CVSS:3.1/AV:P/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-427
Status
published
Products (2)
ZTE/ZXCLOUD iRAI
ZXCLOUD-iRAI-ClientV7.2X
zte/zxcloud_irai
7.23.20 - 7.25.43
Published
May 07, 2026
Tracked Since
May 07, 2026