← back
CVE-2023-41780

Unsafe DLL Loading Vulnerability in ZTE ZXCLOUD iRAI

CVSS 6.4 MEDIUMEPSS 0.2%CWE-22
Vexday Risk Score
13Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 6.4EPSS 0.2%KEV nãoPoC Patch
Lifecycle
03 Jan 2024Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
There is an unsafe DLL loading vulnerability in ZTE ZXCLOUD iRAI. Due to the  program  failed to adequately validate the user's input, an attacker could exploit this vulnerability  to escalate local privileges.
CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
Affected products
ZTE · ZXCLOUD iRAI

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://https://support.zte.com.cn/support/news/LoopholeInfoDetail.aspx?newsId=1034404