Improper Session Management in SenseLive X3050 Web Management Interface
CVE-2026-25720

6.9MEDIUM

Key Information:

Vendor: Senselive
Status: X3050
Vendor: CVE Published:; 23 April 2026

What is CVE-2026-25720?

A significant vulnerability in the web management interface of the SenseLive X3050 arises from improper session lifetime enforcement. This flaw allows authenticated sessions to persist for extended durations without necessitating re-authentication. Consequently, if an attacker gains access to a previously authenticated session, they can interact with sensitive administrative functions, potentially compromising security measures and leading to unauthorized access to critical system controls.

Affected Version(s)

X3050 V1.523

References

https://senselive.io/contact

https://www.cisa.gov/news-events/ics-advisories/icsa-26-1...

https://github.com/cisagov/CSAF/blob/develop/csaf_files/O...

CVSS V4

Score:

6.9

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 23, 2026
Vulnerability Reserved
Apr 14, 2026

Credit

Jithin Nambiar J reported these vulnerabilities to CISA.

CVE-2026-25720 Data

JSON

Senselive

What is CVE-2026-25720?

Affected Version(s)

References

CVSS V4

Timeline

Credit