Remote Denial-of-Service Vulnerability in ZTE Cloud PC Client
CVE-2026-44407

4.7MEDIUM

Key Information:

Vendor: Zte
Status: Zxcloud Irai
Vendor: CVE Published:; 7 May 2026

What is CVE-2026-44407?

A vulnerability has been identified in the ZTE Cloud PC client known as uSmartview, allowing attackers to exploit the software and potentially cause memory corruption. This exploitation can lead to a remote denial-of-service condition, impacting the overall performance and availability of the service. Users of the affected product should be aware of this issue and take appropriate measures to safeguard their systems.

Affected Version(s)

ZXCLOUD iRAI ZXCLOUD-iRAI-ClientV7.2X

References

https://support.zte.com.cn/zte-iccp-isupport-webui/bullet...

CVSS V3.1

Score:

4.7

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Local

Attack Complexity:

High

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 7, 2026
Vulnerability Reserved
May 6, 2026

Credit

Runzi Zhao, Feng Ye and Ziwei Wang

CVE-2026-44407 Data

JSON

Zte

What is CVE-2026-44407?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit