Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from Vendor (icscert) · only source for this CVE.
CVSS VectorVendor: icscert
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
6DescriptionCVE.org
A vulnerability in SenseLive X3050’s remote management service allows firmware retrieval and update operations to be performed without authentication or authorization. The service accepts firmware-related requests from any reachable host and does not verify user privileges, integrity of uploaded images, or the authenticity of provided firmware.
AnalysisAI
Unauthenticated remote attackers can retrieve and replace firmware on SenseLive X3050 industrial control devices via the remote management service, which performs no authentication, authorization, or integrity validation. This allows complete device takeover by uploading malicious firmware images. CISA has published an ICS advisory (ICSA-26-111-12), indicating industrial/OT sector relevance, though no CISA KEV listing or public exploit code has been identified at time of analysis.
Technical ContextAI
The vulnerability resides in SenseLive X3050's remote management service, an unauthenticated network-accessible endpoint designed for firmware operations. The flaw is CWE-306 (Missing Authentication for Critical Function), meaning the service completely omits authentication and authorization checks before executing privileged firmware operations. The CVSS 4.0 vector AV:N indicates network attack vector with AC:L (low attack complexity) and PR:N (no privileges required), confirming the service is exposed without credential requirements. The service fails three critical validation steps: it does not authenticate the requesting host, does not verify user privileges for firmware modification operations, and does not validate cryptographic signatures or integrity hashes of uploaded firmware images. This triple failure allows trivial exploitation from any network-reachable position.
RemediationAI
No vendor-released patch version has been identified in available data at time of analysis. Organizations should immediately contact SenseLive via https://senselive.io/contact to obtain firmware updates addressing CVE-2026-25775 and confirm patch availability. Until patched firmware is deployed, implement network-layer compensating controls: isolate X3050 devices behind firewalls blocking all inbound access to the remote management service port from untrusted networks, restrict management service access to specific IP addresses of authorized administrators using ACLs, and disable the remote management service entirely if firmware update functionality is not operationally required (assess impact on remote monitoring capabilities before disabling). Deploy network monitoring to detect unauthorized firmware retrieval attempts (unusual outbound data exfiltration from X3050 devices) or upload operations (inbound connections to management service from unexpected sources). These mitigations reduce attack surface but introduce operational overhead for firmware maintenance and may break remote management workflows, requiring local console access for updates. Consult CISA advisory ICSA-26-111-12 at https://www.cisa.gov/news-events/ics-advisories/icsa-26-111-12 for additional sector-specific guidance.
SenseLive X3050's embedded management service grants full administrative control to unauthenticated remote attackers. Th
Client-side authentication bypass in SenseLive X3050's web management interface allows remote unauthenticated attackers
Authentication bypass in SenseLive X3050 web management interface allows remote unauthenticated attackers to gain admini
Remote unauthenticated attackers can permanently disable SenseLive X3050 industrial gateways and connected RS-485 downst
Unauthenticated network discovery in SenseLive X3050 management ecosystem exposes device presence, identifiers, and mana
Cross-Site Request Forgery in SenseLive X3050's web management interface enables authenticated attackers to force victim
Unauthorized configuration tampering in SenseLive X3050 web management interface allows authenticated attackers to set c
SenseLive X3050 web management interface transmits all administrative communication including authentication credentials
Same technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-25351
GHSA-j5pw-86cx-29xv