Primary

Context

SenseLive X3050 Embedded Management Service Authentication Bypass Vulnerability

Vulnerability

An authentication bypass vulnerability has been identified in the SenseLive X3050's embedded management service. This vulnerability allows full administrative control to be established on the SenseLive config application without any authentication or authorization. The management service accepts connections from any reachable host, enabling unrestricted modification of critical configuration parameters, operational modes, and device state through a vendor-supplied or compatible client.

Impact

Exploitation of this vulnerability could allow an attacker to gain complete control over the affected device.

Remediation

SenseLive did not respond to CISA's requests to coordinate. Affected users are encouraged to reach out to SenseLive for more information.

Added: Apr 24, 2026, 12:43 AM

Updated: Apr 24, 2026, 12:43 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

7.4

remediation

0.0

relevance

6.5

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

7.4

remediation

0.0

relevance

6.5

threat

0.0

urgency

2.9

incentive

4.2

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

SenseLive X3050 Embedded Management Service Authentication Bypass Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating