CVE-2026-40004

EUVD-2026-28243
There exists an openssl.cnf privilege escalation vulnerability in ZTE Cloud PC client uSmartview. An attacker can execute arbitrary code locally and escalate privileges.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.5 MEDIUM
PHYSICAL
HIGH
LOW
CVSS:3.1/AV:P/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 3%
Affected Products (NVD)
VendorProductVersion
ztezxcloud_irai
7.23.20 ≤
𝑥
< 7.25.43
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://support.zte.com.cn/zte-iccp-isupport-webui/bulletin/detail/3126272076755775573