CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-40004

There exists an openssl.cnf privilege escalation vulnerability in ZTE Cloud PC client uSmartview. An attacker can execute arbitrary code locally and escalate privileges.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 0.4%

CVSS Severity

CVSS v3 Score 5.5

References

https://support.zte.com.cn/zte-iccp-isupport-webui/bulletin/detail/3126272076755775573

Products affected by CVE-2026-40004

Zte » Zxcloud Irai » Version: 7.23.20

cpe:2.3:a:zte:zxcloud_irai:7.23.20
Zte » Zxcloud Irai » Version: 7.23.21

cpe:2.3:a:zte:zxcloud_irai:7.23.21
Zte » Zxcloud Irai » Version: 7.23.23

cpe:2.3:a:zte:zxcloud_irai:7.23.23
Zte » Zxcloud Irai » Version: 7.23.30

cpe:2.3:a:zte:zxcloud_irai:7.23.30
Zte » Zxcloud Irai » Version: 7.23.31

cpe:2.3:a:zte:zxcloud_irai:7.23.31
Zte » Zxcloud Irai » Version: 7.23.32

cpe:2.3:a:zte:zxcloud_irai:7.23.32
Zte » Zxcloud Irai » Version: 7.23.40

cpe:2.3:a:zte:zxcloud_irai:7.23.40

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2026-40004

Products

Pricing

Contact Us