Primary

Context

ZTE Cloud PC Client uSmartView DLL Hijacking Vulnerability Allowing Arbitrary Code Execution

Vulnerability

A DLL hijacking vulnerability has been identified in the ZTE Cloud PC client uSmartView. This issue arises because the uSmartViewServiceAgent.exe operates with SYSTEM privileges. Successful exploitation of this vulnerability allows for local arbitrary code execution, privilege escalation, and memory corruption.

Impact

Exploitation of this vulnerability could lead to unauthorized local code execution, elevated privileges, and potential memory corruption.

Remediation

Users can upgrade to ZXCLOUD-iRAI-ClientV7.25.43 to address this vulnerability. For assistance, contact the ZTE Global Customer Support Center.

Added: May 7, 2026, 8:18 AM

Updated: May 7, 2026, 8:18 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

3.3

remediation

0.0

relevance

7.6

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

7.5

exploitability

3.3

remediation

0.0

relevance

7.6

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

ZTE Cloud PC Client uSmartView DLL Hijacking Vulnerability Allowing Arbitrary Code Execution

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating