EUVD-2026-25363
GHSA-cg8c-rhc6-wgg5
CVSS VectorNVD
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
2DescriptionNVD
A vulnerability in SenseLive X3050's web management interface allows critical system and network configuration parameters to be modified without sufficient validation and safety controls. Due to inadequate enforcement of constraints on sensitive functions, parameters such as IP addressing, watchdog timers, reconnect intervals, and service ports can be set to unsupported or unsafe values. These configuration changes directly affect core device behaviour and recovery mechanisms. The lack of proper validation and safeguards allows critical system functions to be altered in a manner that can destabilize device operation or render the device persistently unavailable.
AnalysisAI
Unauthorized configuration tampering in SenseLive X3050 web management interface allows authenticated attackers to set critical system parameters (IP addressing, watchdog timers, reconnect intervals, service ports) to unsafe values, causing persistent device unavailability or operational instability. CISA ICS-CERT advisory confirms impact on industrial control systems. …
Sign in for full analysis, threat intelligence, and remediation guidance.
RemediationAI
Within 24 hours: Audit all user accounts with access to SenseLive X3050 web management interfaces and disable unnecessary low-privilege accounts; implement network segmentation to restrict management interface access to authorized personnel only. Within 7 days: Deploy network-level authentication (VPN/bastion host requirement) for all remote management access to affected devices; document current device configurations as baseline for change detection. …
Sign in for detailed remediation steps.
Share
External POC / Exploit Code
Leaving vuln.today