Skip to main content

ZTE PROCESS Guard Service EUVDEUVD-2026-27552

| CVE-2026-40001 MEDIUM
Improper Privilege Management (CWE-269)
2026-05-06 zte GHSA-rrwp-wxqm-p9v9
5.2
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
5.2 MEDIUM
AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:L
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
Changed
Confidentiality
None
Integrity
Low
Availability
Low

Lifecycle Timeline

1
Analysis Generated
May 06, 2026 - 10:01 vuln.today

DescriptionCVE.org

There is a local privilege escalation vulnerability in the ZTE PROCESS Guard service of the cloud computer client, which may allow local arbitrary code execution, privilege escalation and path traversal bypass.

AnalysisAI

Local privilege escalation in ZTE PROCESS Guard Service allows authenticated local users to escalate privileges and achieve arbitrary code execution through improper access control enforcement, affecting the cloud computer client. The vulnerability requires local access and authenticated user context but operates across system boundaries, potentially compromising system integrity. No active exploitation has been confirmed at time of analysis, though the combination of privilege escalation and RCE capability makes this a moderate-priority local threat.

Technical ContextAI

The ZTE PROCESS Guard Service is a security component within ZTE's cloud computer client platform. The vulnerability stems from improper access control mechanisms (CWE-269: Improper Access Control) in the service's privilege delegation or authorization checks. The CVSS vector indicates this is a local attack requiring authenticated user privileges (PR:L), but the scope crossing (S:C) suggests the service operates with elevated privileges that can affect other security domains. The path traversal bypass component indicates the service may be validating file paths inadequately, allowing attackers to access or modify files outside intended directories. The architecture likely involves the PROCESS Guard Service running with higher privileges than standard user applications, creating an escalation pathway.

RemediationAI

Apply ZTE's security update for the PROCESS Guard Service through ZTE's official support portal (https://support.zte.com.cn/zte-iccp-isupport-webui/bulletin/detail/1477954674427011121). Exact patched version numbers are not available in current data, so contact ZTE support directly or monitor the vendor advisory for specific version information. As interim compensating controls pending patch deployment, restrict local system access to trusted users only and disable or isolate the PROCESS Guard Service if not actively required for cloud computer client functionality (note: disabling may affect cloud client stability or security features, so validate in non-production environment first). Implement file system access controls to prevent unprivileged users from modifying sensitive paths that the service depends on. Monitor for suspicious privilege escalation events or unauthorized file access attempts from the ZTE PROCESS Guard Service process. If the service runs as a separate account, apply principle of least privilege by running it with minimum required permissions rather than full system privileges.

More in Zte

View all
CVE-2014-2321 CRITICAL POC
10.0 Mar 11

web_shell_cmd.gch on ZTE F460 and F660 cable modems allows remote attackers to obtain administrative access via sendcmd

CVE-2015-7251 CRITICAL POC
9.8 Dec 30

ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE have a hardcoded password of root for the root account, whic

CVE-2015-7259 HIGH POC
8.8 Aug 24

ZTE ADSL ZXV10 W300 modems W300V2.1.0f_ER7_PE_O57 and W300V2.1.0h_ER7_PE_O57 allow user accounts to have multiple valid

CVE-2015-7258 HIGH POC
8.8 Aug 24

ZTE ADSL ZXV10 W300 modems W300V2.1.0f_ER7_PE_O57 and W300V2.1.0h_ER7_PE_O57 allow remote authenticated users to obtain

CVE-2015-7248 HIGH POC
7.5 Dec 30

ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE allow remote attackers to discover usernames and password ha

CVE-2014-0329 CRITICAL POC
9.3 Feb 04

The TELNET service on the ZTE ZXV10 W300 router 2.1.0 has a hardcoded password ending with airocon for the admin account

CVE-2015-7250 HIGH POC
7.5 Dec 30

Absolute path traversal vulnerability in cgi-bin/webproc on ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_PE

CVE-2017-16953 HIGH POC
7.5 Dec 01

connoppp.cgi on ZTE ZXDSL 831CII devices does not require HTTP Basic Authentication, which allows remote attackers to mo

CVE-2015-7252 MEDIUM POC
6.1 Dec 30

Cross-site scripting (XSS) vulnerability in cgi-bin/webproc on ZTE ZXHN H108N R1A devices before ZTE.bhs.ZXHNH108NR1A.k_

CVE-2015-7257 HIGH POC
7.5 Aug 24

ZTE ADSL ZXV10 W300 modems W300V2.1.0f_ER7_PE_O57 and W300V2.1.0h_ER7_PE_O57 allow remote authenticated non-administrato

CVE-2018-7364 CRITICAL POC
9.8 Dec 07

All versions up to ZXINOS-RESV1.01.43 of the ZTE ZXIN10 product European region are impacted by improper access control

CVE-2014-4018 HIGH POC
7.8 Jul 16

The ZTE ZXV10 W300 router with firmware W300V1.0.0a_ZRD_LK has a default password of admin for the admin account, which

Share

EUVD-2026-27552 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy