{"dataType":"CVE_RECORD","dataVersion":"5.2","cveMetadata":{"cveId":"CVE-2026-40001","assignerOrgId":"6786b568-6808-4982-b61f-398b0d9679eb","state":"PUBLISHED","assignerShortName":"zte","dateReserved":"2026-04-08T07:51:26.675Z","datePublished":"2026-05-06T08:48:10.466Z","dateUpdated":"2026-05-06T08:48:10.466Z"},"containers":{"cna":{"providerMetadata":{"orgId":"6786b568-6808-4982-b61f-398b0d9679eb","shortName":"zte","dateUpdated":"2026-05-06T08:48:10.466Z"},"title":"Local privilege escalation vulnerability in ZTE PROCESS Guard service of the cloud computer client","problemTypes":[{"descriptions":[{"lang":"en","cweId":"CWE-269","description":"CWE-269: Improper Privilege Management","type":"CWE"}]}],"impacts":[{"capecId":"CAPEC-233","descriptions":[{"lang":"en","value":"CAPEC-233 Privilege Escalation"}]}],"affected":[{"vendor":"ZTE","product":"ZTE PROCESS Guard service","versions":[{"status":"affected","version":"ZXCLOUD-iRAI-ClientV7.2X"}],"defaultStatus":"unaffected"}],"descriptions":[{"lang":"en","value":"There is a local privilege escalation vulnerability in the ZTE PROCESS Guard service of the cloud computer client, which may allow local arbitrary code execution, privilege escalation and path traversal bypass.","supportingMedia":[{"type":"text/html","base64":false,"value":"
There is a local privilege escalation vulnerability in the ZTE PROCESS Guard service of the cloud computer client, which may allow local arbitrary code execution, privilege escalation and path traversal bypass.