PatchSiren cyber security CVE debrief
CVE-2026-25720 Raw CVE debrief
CVE-2026-25720 affects the SenseLive X3050 V1.523 web management interface. Because authenticated sessions may remain valid longer than intended, a person with access to an already-authenticated session could keep using administrative functions after legitimate user activity has ended.
- Vendor: Raw
- Product: SenseLive X3050 V1.523
- CVSS: MEDIUM 5.4
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-04-21
- Original CVE updated: 2026-04-21
- Advisory published: 2026-04-21
- Advisory updated: 2026-04-21
Who should care
Administrators, operators, and security teams responsible for the SenseLive X3050 web management interface, especially anyone managing privileged sessions on the device.
Technical summary
The advisory describes improper session lifetime enforcement in the X3050 web management interface. Instead of expiring authenticated sessions promptly and requiring re-authentication, the interface can leave them active for extended periods. That creates an opportunity for continued use of administrative functions by someone who can access a previously authenticated session. The source rates the issue at CVSS v3.1 5.4 (AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N), indicating network-reachable exploitation with low complexity and low confidentiality/integrity impact.
Defensive priority
Medium priority. Remediate promptly; the supplied source data does not present this as an emergency.
Recommended defensive actions
- Apply vendor-provided remediation or mitigation as soon as it is available, and monitor the CISA advisory for updates.
- Enforce short idle and absolute session timeouts on the management interface where product and surrounding controls allow it.
- Require re-authentication before sensitive administrative actions if possible.
- Restrict access to the web management interface to authorized administrators only and review whether stale sessions remain active.
- Audit administrative logs for unexpected activity that may have been performed through long-lived sessions.
- Follow CISA ICS recommended practices for defense in depth around management interfaces.
- If additional guidance is needed, use the vendor contact path listed in the advisory.
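The log audit and stale-session review recommended above can be scripted. The following is an added example, not code from the advisory or the vendor: it replays administrative log records and flags actions that an idle or absolute timeout policy would have blocked. The record format, the timeout values and the source-address check are assumptions, since the advisory does not describe the device's log output.

```python
from datetime import datetime, timedelta

# Assumed policy values; the advisory does not state specific timeouts.
IDLE_LIMIT = timedelta(minutes=15)
ABSOLUTE_LIMIT = timedelta(hours=8)

# Constructed sample records in a hypothetical format; not real X3050 log output.
SAMPLE_LOG = """\
2026-04-20T08:00:00 sid=a1 src=10.0.0.5 action=login
2026-04-20T08:05:00 sid=a1 src=10.0.0.5 action=view_status
2026-04-20T13:40:00 sid=a1 src=10.0.0.5 action=change_config
2026-04-20T09:00:00 sid=b2 src=10.0.0.7 action=login
2026-04-20T09:10:00 sid=b2 src=10.0.0.7 action=view_status
2026-04-20T17:30:00 sid=b2 src=10.0.0.9 action=add_user
"""

def parse(line):
    # "<ISO timestamp> key=value ..." -> dict with a datetime under "time"
    ts, *fields = line.split()
    rec = dict(f.split("=", 1) for f in fields)
    rec["time"] = datetime.fromisoformat(ts)
    return rec

def audit(log_text, idle=IDLE_LIMIT, absolute=ABSOLUTE_LIMIT):
    """Return (sid, action, reasons) for events a timeout policy would have blocked."""
    sessions, findings = {}, []
    records = sorted((parse(l) for l in log_text.splitlines() if l.strip()),
                     key=lambda r: r["time"])
    for r in records:
        s = sessions.get(r["sid"])
        if s is None or r["action"] == "login":
            # A login, or a session first seen mid-stream, starts the clock.
            sessions[r["sid"]] = {"start": r["time"], "last": r["time"], "src": r["src"]}
            continue
        reasons = []
        if r["time"] - s["last"] > idle:
            reasons.append("idle_gap")
        if r["time"] - s["start"] > absolute:
            reasons.append("absolute_age")
        if r["src"] != s["src"]:
            reasons.append("source_changed")
        if reasons:
            findings.append((r["sid"], r["action"], reasons))
        s["last"] = r["time"]
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_LOG):
        print(finding)
```

Each finding is an administrative action that would have required re-authentication under the assumed policy, which makes it a starting point for manual review rather than proof of misuse.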
Evidence notes
All facts here come from the supplied CISA CSAF advisory ICSA-26-111-12 and its linked official references. The advisory was initially published on 2026-04-21 and does not show a later revision in the supplied timeline. It also states that SenseLive did not respond to CISA's coordination requests.
Official resources
- CVE-2026-25720 CVE record (CVE.org)
- CVE-2026-25720 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)
CISA published ICSA-26-111-12 on 2026-04-21. The advisory says SenseLive did not respond to CISA's coordination requests and directs affected users to contact the vendor for more information.