CVE-2026-40004

Summary

There exists an openssl.cnf privilege escalation vulnerability in ZTE Cloud PC client uSmartview. An attacker can execute arbitrary code locally and escalate privileges.

Affected Software

VendorProductVersion RangeStatus
ZTEZXCLOUD iRAIZXCLOUD-iRAI-ClientV7.2Xaffected

Weaknesses

  • CWE-427: CWE-427 Uncontrolled Search Path Element

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References