CVE-2026-40431 — MEDIUM (5.3)

Vulnerability Description

A vulnerability exists in SenseLive X3050’s web management interface due to its reliance on unencrypted HTTP for all administrative communication. Because management traffic, including authentication attempts and configuration data, is transmitted in cleartext, an attacker with access to the same network segment could intercept or observe sensitive operational information.

CVSS Score

5.3

MEDIUM

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

LOW

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Senselive	X3500 Firmware	1.523
Senselive	X3500	-

Related Weaknesses (CWE)

CWE-319

References

https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-11Third Party Advisory
https://senselive.io/contactProduct
https://www.cisa.gov/news-events/ics-advisories/icsa-26-111-12US Government Resource

FAQ

What is CVE-2026-40431?

CVE-2026-40431 is a vulnerability with a CVSS score of 5.3 (MEDIUM). A vulnerability exists in SenseLive X3050’s web management interface due to its reliance on unencrypted HTTP for all administrative communication. Because management traffic, including authentication ...

How severe is CVE-2026-40431?

CVE-2026-40431 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2026-40431?

Check the references section above for vendor advisories and patch information. Affected products include: Senselive X3500 Firmware, Senselive X3500.