Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
6DescriptionCVE.org
A vulnerability in SenseLive X3050’s management ecosystem allows unauthenticated discovery of deployed units through the vendor’s management protocol, enabling identification of device presence, identifiers, and management interfaces without requiring credentials. Because discovery functions are exposed by the underlying service rather than gated by authentication, an attacker on the same network segment can rapidly enumerate targeted devices.
AnalysisAI
Unauthenticated network discovery in SenseLive X3050 management ecosystem exposes device presence, identifiers, and management interfaces to attackers on the same network segment. The vendor's management protocol fails to authenticate discovery functions (CWE-306), allowing rapid enumeration of all deployed X3050 units without credentials. CISA ICS-CERT has issued an advisory (ICSA-26-111-12), indicating awareness in industrial control system environments. CVSS 8.7 reflects high confidentiality impact from network-based, low-complexity attacks requiring no privileges or user interaction.
Technical ContextAI
SenseLive X3050 is an industrial automation or monitoring device with a centralized management ecosystem. The vulnerability stems from CWE-306 (Missing Authentication for Critical Function), where the underlying management service exposes device discovery protocol functions without requiring authentication. This is a common design flaw in industrial protocols where device enumeration and service advertisement (similar to UPnP, mDNS, or proprietary discovery mechanisms) operate at the network layer without access controls. The CVSS 4.0 vector (AV:N/AC:L/PR:N) confirms network-accessible exploitation with low attack complexity and no privilege requirements. The CPE identifier indicates all versions of the X3050 product are affected, though no specific version range is provided in available data. This authentication bypass allows information disclosure (VC:H) without impacting integrity or availability.
RemediationAI
Contact SenseLive directly via https://senselive.io/contact for patch availability and remediation guidance, as no vendor-released patch version is confirmed in available data. CISA advisory ICSA-26-111-12 at https://www.cisa.gov/news-events/ics-advisories/icsa-26-111-12 may contain vendor-recommended mitigations. Implement network segmentation to isolate X3050 management traffic on dedicated VLANs or management networks, preventing attacker access to the network segment where discovery protocol operates - this compensating control directly addresses the AV:N vector by reducing network exposure. Deploy ingress/egress filtering on management network boundaries to block unauthorized discovery protocol traffic (identify specific UDP/TCP ports used by SenseLive management protocol from vendor documentation). Implement network access control (802.1X) on segments containing X3050 devices to authenticate endpoints before network access. Monitor network traffic for unexpected discovery protocol activity from unknown sources. These controls reduce attack surface but may complicate legitimate device provisioning and management workflows, requiring coordination with operational teams.
Unauthenticated remote attackers can retrieve and replace firmware on SenseLive X3050 industrial control devices via the
SenseLive X3050's embedded management service grants full administrative control to unauthenticated remote attackers. Th
Client-side authentication bypass in SenseLive X3050's web management interface allows remote unauthenticated attackers
Authentication bypass in SenseLive X3050 web management interface allows remote unauthenticated attackers to gain admini
Remote unauthenticated attackers can permanently disable SenseLive X3050 industrial gateways and connected RS-485 downst
Cross-Site Request Forgery in SenseLive X3050's web management interface enables authenticated attackers to force victim
Unauthorized configuration tampering in SenseLive X3050 web management interface allows authenticated attackers to set c
SenseLive X3050 web management interface transmits all administrative communication including authentication credentials
Same technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-25358
GHSA-vx53-3hhq-vppx