top of page
perceptive_background_267k.jpg

A vulnerability in SenseLive X3050’s embedded management service allows full administrative control to be established without any form of authentication or auth…

Published:

23 April 2026 at 22:00:00

Alert date:

24 April 2026 at 15:07:56

Source:

nvd.nist.gov

Click to open the original link from this advisory

Mobile & IoT, Critical Infrastructure

CVE-2026-40620 is a critical vulnerability in SenseLive X3050's embedded management service that allows full administrative control without authentication or authorization. The vulnerability affects the SenseLive config application and accepts management connections from any reachable host. Attackers can perform unrestricted modification of critical configuration parameters, operational modes, and device state through vendor-supplied or compatible clients. This represents a complete bypass of security controls on the affected industrial device.

Technical details

Mitigation steps:

Affected products:

SenseLive X3050

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2026-40620
https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-111-12.json
https://senselive.io/contact
https://www.cisa.gov/news-events/ics-advisories/icsa-26-111-12

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page