CVE-2026-44406

ZTE Cloud PC client uSmartView contains a DLL hijacking vulnerability; since uSmartViewServiceAgent.exe runs with SYSTEM privileges, successful hijacking enables local arbitrary code execution, privilege escalation, and memory corruption.contains a DLL hijacking vulnerability; since uSmartViewServic...

medium 5.7 CVSS 3.1

Published: May 7, 2026

Modified: May 8, 2026

Vendor: Zte

Description

ZTE Cloud PC client uSmartView contains a DLL hijacking vulnerability; since uSmartViewServiceAgent.exe runs with SYSTEM privileges, successful hijacking enables local arbitrary code execution, privilege escalation, and memory corruption.contains a DLL hijacking vulnerability; since uSmartViewServiceAgent.exe runs with SYSTEM privileges, successful hijacking enables local arbitrary code execution, privilege escalation, and memory corruption.

References

https://support.zte.com.cn/zte-iccp-isupport-webui/bulletin/detail/8107253322107965601

Related CVEs

CVSS Breakdown

Version	3.1
Score	5.7 / 10
Severity	medium

Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L

Weakness (CWE)

CWE-427

Affected Product

Vendor	Zte
Product	Zxcloud Irai