X3050

9 CVEs product

CVE-2026-25775 CRITICAL CISA Emergency

Unauthenticated remote attackers can retrieve and replace firmware on SenseLive X3050 industrial control devices via the remote management service, which performs no authentication, authorization, or integrity validation. This allows complete device takeover by uploading malicious firmware images. CISA has published an ICS advisory (ICSA-26-111-12), indicating industrial/OT sector relevance, though no CISA KEV listing or public exploit code has been identified at time of analysis.

Authentication Bypass X3050
NVD GitHub
CVSS 4.0
9.3
CVE-2026-35064 HIGH CISA Act Now

Unauthenticated network discovery in the SenseLive X3050 management ecosystem exposes device presence, identifiers, and management interfaces to attackers on the same network segment. The vendor's management protocol fails to authenticate discovery functions (CWE-306), allowing rapid enumeration of all deployed X3050 units without credentials. CISA ICS-CERT has issued an advisory (ICSA-26-111-12), indicating awareness in industrial control system environments. CVSS 8.7 reflects high confidentiality impact from network-based, low-complexity attacks requiring no privileges or user interaction.

Authentication Bypass X3050
NVD GitHub
CVSS 4.0
8.7
CVE-2026-40620 CRITICAL CISA Emergency

SenseLive X3050's embedded management service grants full administrative control to unauthenticated remote attackers. The CVSS 4.0 score of 9.3 with network attack vector (AV:N), low complexity (AC:L), and no required privileges (PR:N) confirms this allows complete device compromise from any network-reachable host. CISA ICS Advisory ICSA-26-111-12 documents this vulnerability affecting industrial control system components, indicating that operational technology (OT) environments are potentially exposed. No authentication or authorization mechanisms protect the management interface, allowing arbitrary configuration changes, operational mode manipulation, and device state control through vendor or compatible clients.

Authentication Bypass X3050
NVD GitHub
CVSS 4.0
9.3
CVE-2026-27841 HIGH CISA Act Now

Cross-Site Request Forgery in SenseLive X3050's web management interface enables authenticated attackers to force victims into executing unauthorized configuration changes and potentially disruptive operations. A remote attacker with low privileges can craft malicious web pages that, when visited by an authenticated administrator, trigger state-changing requests without the victim's knowledge, leading to high integrity and availability impact on the device. CISA ICS-CERT has issued an advisory (ICSA-26-111-12) for this industrial control system component, indicating coordination with the vendor and awareness within the critical infrastructure community.

CSRF X3050
NVD GitHub
CVSS 4.0
8.4
CVE-2026-40623 HIGH CISA This Week

Unauthorized configuration tampering in the SenseLive X3050 web management interface allows authenticated attackers to set critical system parameters (IP addressing, watchdog timers, reconnect intervals, service ports) to unsafe values, causing persistent device unavailability or operational instability. CISA ICS-CERT advisory confirms impact on industrial control systems. Network-accessible with low complexity (AV:N/AC:L) but requires low-privilege authentication (PR:L). High integrity and availability impact (VI:H/VA:H) with zero confidentiality impact. No public exploit identified at time of analysis.

Authentication Bypass X3050
NVD GitHub
CVSS 4.0
7.2
CVE-2026-40431 MEDIUM CISA This Month

The SenseLive X3050 web management interface transmits all administrative communication, including authentication credentials and configuration data, over unencrypted HTTP, allowing network-adjacent attackers to intercept sensitive operational information without authentication or user interaction. The vulnerability affects all versions of the X3050 and is classified as information disclosure with confirmed CISA ICS advisory coverage.

Information Disclosure X3050
NVD GitHub
CVSS 4.0
6.9
CVE-2026-27843 CRITICAL CISA Act Now

Remote unauthenticated attackers can permanently disable SenseLive X3050 industrial gateways and connected RS-485 downstream systems by modifying critical configuration parameters through the web management interface. The device's lack of a physical reset button forces specialized console-based factory reset procedures, making this a high-impact operational disruption vector for industrial environments. CISA ICS-CERT has issued an advisory (ICSA-26-111-12), indicating industrial sector awareness of this authentication bypass flaw.

Authentication Bypass X3050
NVD GitHub
CVSS 4.0
9.2
CVE-2026-39462 CRITICAL CISA Act Now

Authentication bypass in the SenseLive X3050 web management interface allows remote unauthenticated attackers to gain administrative access using default or previously set credentials. After a factory restore via the SenseLive Config 2.0 tool, password updates fail to propagate correctly: the interface falsely reports success while the backend continues accepting old credentials. CISA ICS-CERT has issued an advisory (ICSA-26-111-12), indicating this affects industrial control system deployments. With CVSS 9.3 (AV:N/AC:L/PR:N) and CWE-522 (Insufficiently Protected Credentials), this represents a critical risk for remotely accessible devices whose administrators believe credentials have been changed while the old credentials remain usable.

Information Disclosure X3050
NVD GitHub
CVSS 4.0
9.3
CVE-2026-35503 CRITICAL CISA Act Now

Client-side authentication bypass in SenseLive X3050's web management interface allows remote unauthenticated attackers to gain full administrative access by extracting hardcoded credentials from browser-executed JavaScript. The vulnerability enables complete compromise of device management with zero technical barriers (CVSS 9.3, AV:N/AC:L/PR:N). CISA ICS-CERT has published an advisory, indicating this affects operational technology environments where administrative access to industrial sensors could enable process manipulation or monitoring disruption.

Authentication Bypass X3050
NVD GitHub
CVSS 4.0
9.3