Skip to main content

SenseLive X3050 CVE-2026-40623

| EUVDEUVD-2026-25363 HIGH
Missing Authorization (CWE-862)
2026-04-23 icscert GHSA-cg8c-rhc6-wgg5
7.2
CVSS 4.0 · NVD
Share

Severity by source

NVD PRIMARY
7.2 HIGH
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Network
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

6
Re-analysis Queued
Apr 24, 2026 - 14:52 vuln.today
cvss_changed
Analysis Generated
Apr 24, 2026 - 00:48 vuln.today
CVSS changed
Apr 24, 2026 - 00:22 NVD
8.1 (HIGH) 7.2 (HIGH)
EUVD ID Assigned
Apr 24, 2026 - 00:15 euvd
EUVD-2026-25363
Analysis Generated
Apr 24, 2026 - 00:15 vuln.today
CVE Published
Apr 23, 2026 - 23:58 nvd
HIGH 7.2

DescriptionCVE.org

A vulnerability in SenseLive X3050's web management interface allows critical system and network configuration parameters to be modified without sufficient validation and safety controls. Due to inadequate enforcement of constraints on sensitive functions, parameters such as IP addressing, watchdog timers, reconnect intervals, and service ports can be set to unsupported or unsafe values. These configuration changes directly affect core device behaviour and recovery mechanisms. The lack of proper validation and safeguards allows critical system functions to be altered in a manner that can destabilize device operation or render the device persistently unavailable.

AnalysisAI

Unauthorized configuration tampering in SenseLive X3050 web management interface allows authenticated attackers to set critical system parameters (IP addressing, watchdog timers, reconnect intervals, service ports) to unsafe values, causing persistent device unavailability or operational instability. CISA ICS-CERT advisory confirms impact on industrial control systems. Network-accessible with low complexity (AV:N/AC:L) but requires low-privilege authentication (PR:L). High integrity and availability impact (VI:H/VA:H) with zero confidentiality impact. No public exploit identified at time of analysis.

Technical ContextAI

This vulnerability stems from CWE-862 (Missing Authorization), where the SenseLive X3050 web management interface fails to implement proper authorization checks and input validation on critical configuration endpoints. The affected product is an industrial IoT device per CPE string cpe:2.3:a:senselive:x3050. The CVSS 4.0 vector indicates high integrity and availability impact with network attack surface, suggesting the web interface accepts authenticated API calls or form submissions that modify device configuration without verifying parameter ranges, business logic constraints, or safety thresholds. Unlike typical input validation flaws that cause crashes, this missing authorization allows logically valid but operationally dangerous values (e.g., setting watchdog timeout to zero, binding critical services to unreachable IPs, configuring reconnect intervals that prevent recovery). The authentication bypass tag combined with PR:L suggests the interface either accepts low-privilege credentials or inadequately segregates administrative functions from standard user roles.

RemediationAI

Consult CISA ICS-CERT advisory ICSA-26-111-12 at https://www.cisa.gov/news-events/ics-advisories/icsa-26-111-12 for vendor-specific patch information and mitigation guidance. Contact SenseLive directly via https://senselive.io/contact for firmware updates addressing CWE-862 authorization controls. Until patched, implement network-level access controls: restrict web management interface access to dedicated management VLANs using firewall rules blocking TCP ports commonly used for web interfaces (80/443) from untrusted networks. Deploy multi-factor authentication if supported to raise authentication bar beyond PR:L. Enable configuration change logging and alerting to detect unauthorized parameter modifications. Consider disabling remote web interface entirely and requiring physical console access for configuration changes in high-security deployments, though this trades security for operational flexibility. Regularly audit user account privileges to ensure least-privilege access, preventing low-privilege accounts from accessing configuration endpoints. Note that network segmentation does not prevent insider threats or credential compromise scenarios.

Share

CVE-2026-40623 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy