PatchSiren cyber security CVE debrief
CVE-2026-35064 Raw CVE debrief
CVE-2026-35064 is a high-severity reconnaissance issue in the SenseLive X3050 management ecosystem. According to the CISA CSAF advisory published on 2026-04-21T06:00:00Z, the vendor management protocol exposes discovery functions without authentication, allowing an attacker on the same network segment to identify deployed units, device identifiers, and management interfaces. The source does not describe code execution or device manipulation; the primary concern is unauthorized visibility into the OT/management environment.
- Vendor: Raw
- Product: SenseLive X3050 V1.523
- CVSS: HIGH 7.5
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-04-21
- Original CVE updated: 2026-04-21
- Advisory published: 2026-04-21
- Advisory updated: 2026-04-21
Who should care
OT/ICS operators, network defenders, and asset owners running SenseLive X3050 V1.523 or exposing its management protocol on shared or reachable segments should prioritize this issue. Security teams responsible for segmentation, monitoring, and device inventory should also pay attention.
Technical summary
The advisory describes unauthenticated discovery in the X3050 management ecosystem, where discovery requests are handled by the underlying service without credential checks. An attacker with network reachability on the same segment can enumerate target devices and learn identifiers and management interface details. The supplied CVSS v3.1 vector is AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N, reflecting network reachability and confidentiality exposure without integrity or availability impact in the source description.
Defensive priority
High: treat this as a network-exposure and asset-discovery problem, especially in segmented OT environments where management services should not be broadly reachable.
Recommended defensive actions
- Verify whether SenseLive X3050 V1.523 is deployed and whether its management protocol is reachable from non-administrative or shared network segments.
- Restrict access to the management protocol with network controls such as VLAN separation, ACLs, or dedicated management networks.
- Review telemetry for repeated discovery activity or unexpected enumeration of device identifiers and management interfaces.
- Apply CISA ICS recommended practices and defense-in-depth guidance to reduce exposure of management services.
- Contact SenseLive using the vendor contact path provided in the advisory for product-specific remediation status and guidance.
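An added example, not taken from the advisory or the vendor, for the reachability and telemetry actions above: it reads flow records and reports sources outside the administrative segment that reached inventoried units on the management port, marking those that touched several units as possible enumeration. The port number, address ranges, threshold and flow records are constructed assumptions; the advisory does not name the protocol's port.

```python
import csv
import io
import ipaddress
from collections import defaultdict

# Constructed flow records. Port 50000 is a placeholder: the advisory does not
# name the management protocol's port, so substitute the one your units use.
SAMPLE_FLOWS = """src,dst,dst_port
10.20.0.5,10.20.1.11,50000
10.20.0.5,10.20.1.12,50000
10.20.1.77,10.20.1.11,50000
10.20.1.77,10.20.1.12,50000
10.20.1.77,10.20.1.13,50000
10.20.1.40,10.20.1.11,50000
10.20.1.40,10.20.1.11,443
"""
ADMIN_NETS = ["10.20.0.0/24"]                           # assumed admin segment
INVENTORY = {"10.20.1.11", "10.20.1.12", "10.20.1.13"}  # assumed X3050 addresses


def review_mgmt_access(flow_csv, mgmt_port, admin_nets, inventory, threshold=3):
    """Map each non-admin source to the inventoried units it reached on the
    management port; 'enumeration' is True at `threshold` distinct units."""
    admin = [ipaddress.ip_network(n) for n in admin_nets]
    touched = defaultdict(set)
    for row in csv.DictReader(io.StringIO(flow_csv)):
        # Only management-port traffic towards known units is of interest.
        if int(row["dst_port"]) != mgmt_port or row["dst"] not in inventory:
            continue
        # Traffic from the administrative segment is expected; skip it.
        if any(ipaddress.ip_address(row["src"]) in net for net in admin):
            continue
        touched[row["src"]].add(row["dst"])
    return {
        src: {"devices": sorted(devs, key=ipaddress.ip_address),
              "enumeration": len(devs) >= threshold}
        for src, devs in touched.items()
    }


if __name__ == "__main__":
    findings = review_mgmt_access(SAMPLE_FLOWS, 50000, ADMIN_NETS, INVENTORY)
    for src, f in findings.items():
        label = "possible enumeration" if f["enumeration"] else "unexpected access"
        print(f"{src}: {label} -> {', '.join(f['devices'])}")
```

Any source reported at all indicates the management protocol is reachable from outside the administrative segment, which is the exposure the segmentation actions are meant to close.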
Evidence notes
The source corpus identifies the issue in CISA CSAF advisory ICSA-26-111-12 and states that SenseLive did not respond to CISA's coordination requests. The advisory was initially published on 2026-04-21T06:00:00Z, and the source revision history shows only an initial publication entry. The supplied notes also include SSVCv2/E:N/A:N/2026-04-20T06:00:00.000000Z.
Official resources
- CVE-2026-35064 CVE record (CVE.org)
- CVE-2026-35064 NVD detail (NVD)
- Source item URL (cisa_csaf)
Publicly disclosed by CISA in advisory ICSA-26-111-12 on 2026-04-21T06:00:00Z. The source indicates an initial publication only and notes that SenseLive did not respond to CISA's coordination requests.