Vulnerability Description
A vulnerability in SenseLive X3050's web management interface allows critical system and network configuration parameters to be modified without sufficient validation and safety controls. Due to inadequate enforcement of constraints on sensitive functions, parameters such as IP addressing, watchdog timers, reconnect intervals, and service ports can be set to unsupported or unsafe values. These configuration changes directly affect core device behaviour and recovery mechanisms. The lack of proper validation and safeguards allows critical system functions to be altered in a manner that can destabilize device operation or render the device persistently unavailable.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Senselive | X3500 Firmware | 1.523 |
| Senselive | X3500 | - |
Related Weaknesses (CWE)
References
- https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-11Third Party Advisory
- https://senselive.io/contactProduct
- https://www.cisa.gov/news-events/ics-advisories/icsa-26-111-12US Government Resource
FAQ
What is CVE-2026-40623?
CVE-2026-40623 is a vulnerability with a CVSS score of 8.1 (HIGH). A vulnerability in SenseLive X3050's web management interface allows critical system and network configuration parameters to be modified without sufficient validation and safety controls. Due to inade...
How severe is CVE-2026-40623?
CVE-2026-40623 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2026-40623?
Check the references section above for vendor advisories and patch information. Affected products include: Senselive X3500 Firmware, Senselive X3500.