Description
ZTE Cloud PC client uSmartView contains a DLL hijacking vulnerability; since uSmartViewServiceAgent.exe runs with SYSTEM privileges, successful hijacking enables local arbitrary code execution, privilege escalation, and memory corruption.
Published: 2026-05-07
Score: 5.7 Medium
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

ZTE Cloud PC client uSmartView contains a DLL hijacking flaw. The vulnerable service uSmartViewServiceAgent.exe runs with SYSTEM privileges; if an attacker places a malicious DLL in the directory the service probes, the service will load it instead of the intended library. This grants the attacker local arbitrary code execution, privilege escalation to SYSTEM, and the potential for memory corruption.

Affected Systems

This affects the ZTE Cloud PC client (uSmartView) deployed on ZTE ZXCLOUD iRAI systems. No specific affected version is enumerated here, so the vulnerability is taken to be present in the current released version(s) of the client.

Risk and Exploitability

The CVSS score of 5.7 indicates moderate severity. EPSS is not published, and the vulnerability is not listed in CISA's KEV catalog. The attack vector is local; an attacker with physical or local account access can supply a malicious DLL in the expected location. Successful exploitation would allow execution of any code with SYSTEM privileges.

Generated by OpenCVE AI on May 7, 2026 at 08:21 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade ZTE Cloud PC client to a version that includes the DLL hijacking fix.
  • Restrict write permissions on the directory where the service loads DLLs to prevent placement of malicious libraries by unauthorized users.
  • Manually verify that any DLLs in the service directory have the expected cryptographic hash or are signed by ZTE; remove or replace suspect files.

Advisories

No advisories yet.

History

Thu, 07 May 2026 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Thu, 07 May 2026 08:45:00 +0000

Type Values Removed Values Added
First Time appeared Zte
Zte zxcloud Irai
Vendors & Products Zte
Zte zxcloud Irai

Thu, 07 May 2026 07:30:00 +0000

Type Values Removed Values Added
Description ZTE Cloud PC client uSmartView contains a DLL hijacking vulnerability; since uSmartViewServiceAgent.exe runs with SYSTEM privileges, successful hijacking enables local arbitrary code execution, privilege escalation, and memory corruption.
Title DLL Hijacking Vulnerability in ZTE Cloud PC Client uSmartview
Weaknesses CWE-427
References
Metrics cvssV3_1

{'score': 5.7, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L'}


MITRE

Status: PUBLISHED

Assigner: zte

Published:

Updated: 2026-05-07T12:58:05.755Z

Reserved: 2026-05-06T08:50:27.676Z

Link: CVE-2026-44406

Vulnrichment

Updated: 2026-05-07T12:58:00.602Z

NVD

Status: Received

Published: 2026-05-07T08:16:00.830

Modified: 2026-05-07T08:16:00.830

Link: CVE-2026-44406

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-07T08:30:25Z

Weaknesses