Skip to main content

SenseLive X3050 CVE-2026-27843

| EUVDEUVD-2026-25354 CRITICAL
Missing Authentication for Critical Function (CWE-306)
2026-04-23 icscert GHSA-7pfm-4rh7-6vp4
9.2
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
9.2 CRITICAL
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
X

Lifecycle Timeline

6
Re-analysis Queued
Apr 24, 2026 - 14:52 vuln.today
cvss_changed
Analysis Generated
Apr 24, 2026 - 00:46 vuln.today
CVSS changed
Apr 24, 2026 - 00:22 NVD
9.1 (CRITICAL) 9.2 (CRITICAL)
EUVD ID Assigned
Apr 24, 2026 - 00:15 euvd
EUVD-2026-25354
Analysis Generated
Apr 24, 2026 - 00:15 vuln.today
CVE Published
Apr 23, 2026 - 23:54 nvd
CRITICAL 9.2

DescriptionCVE.org

A vulnerability exists in SenseLive X3050's web management interface that allows critical configuration parameters to be modified without sufficient authentication or server-side validation. By applying unsupported or disruptive values to recovery mechanisms and network settings, an attacker can induce a persistent lockout state. Because the device lacks a physical reset button, recovery requires specialized technical access via the console to perform a factory reset, resulting in a total denial-of-service for the gateway and its connected RS-485 downstream systems.

AnalysisAI

Remote unauthenticated attackers can permanently disable SenseLive X3050 industrial gateways and connected RS-485 downstream systems by modifying critical configuration parameters through the web management interface. The device's lack of physical reset button forces specialized console-based factory reset procedures, making this a high-impact operational disruption vector for industrial environments. CISA ICS-CERT has issued an advisory (ICSA-26-111-12), indicating industrial sector awareness of this authentication bypass flaw.

Technical ContextAI

The SenseLive X3050 is an industrial IoT gateway managing RS-485 downstream systems, typically used in SCADA and building automation environments. The vulnerability stems from CWE-306 (Missing Authentication for Critical Function), where the web management interface fails to enforce authentication checks before accepting configuration changes to recovery mechanisms and network settings. The CVSS 4.0 vector shows network-accessible (AV:N), low complexity (AC:L), no privileges required (PR:N), indicating the configuration endpoints are exposed without authentication wrappers or CSRF protections. The VI:H (High Integrity Impact on Vulnerable system) and VA:H (High Availability Impact on Vulnerable system) ratings reflect direct modification of device state and induced lockout condition, while SA:H (High Availability Impact on Subsequent systems) captures cascading failure of RS-485 connected devices.

RemediationAI

Immediately isolate SenseLive X3050 web management interfaces from untrusted networks by restricting access to dedicated management VLANs or VPN-only access. Implement firewall rules blocking external access to the device's HTTP/HTTPS management ports (typically TCP 80/443) and permit connections only from authorized administrator IP addresses. Contact SenseLive directly via https://senselive.io/contact to obtain patched firmware or compensating control guidance, as no public patch version is identified in available advisories. For devices already in lockout state, recovery requires console cable access to perform factory reset - document and test this recovery procedure before widespread deployment. Deploy network intrusion detection signatures monitoring for unusual HTTP POST requests to X3050 configuration endpoints, particularly from non-management source addresses. Consider replacing X3050 gateways in critical infrastructure roles if vendor cannot provide timely authenticated management interface update. Note that network isolation trades operational convenience for security - remote management capabilities will be restricted pending authentication fix.

Share

CVE-2026-27843 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy