PatchSiren cyber security CVE debrief
CVE-2026-40623 Raw CVE debrief
CVE-2026-40623 affects the SenseLive X3050 V1.523 web management interface. The advisory says sensitive system and network settings can be changed without sufficient validation and safety controls, including IP addressing, watchdog timers, reconnect intervals, and service ports. Because these settings influence core behavior and recovery, unsafe values can destabilize the device or leave it persistently unavailable.
- Vendor: Raw
- Product: SenseLive X3050 V1.523
- CVSS: HIGH 8.1
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2026-04-21
- Original CVE updated: 2026-04-21
- Advisory published: 2026-04-21
- Advisory updated: 2026-04-21
Who should care
Operators and administrators of SenseLive X3050 V1.523 devices, especially OT/ICS teams, network and systems administrators, and anyone responsible for access to the device’s web management interface.
Technical summary
According to the CISA CSAF advisory ICSA-26-111-12, the issue has CVSS 3.1 vector AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H and a base score of 8.1 (High). The web management interface does not adequately enforce constraints on sensitive configuration functions, allowing unsupported or unsafe parameter values to be applied to critical network and recovery settings. The result is integrity and availability impact, with a risk of device instability or persistent unavailability.
Defensive priority
High. This is a remotely reachable management-plane issue with integrity and availability impact on an ICS device, so exposed or widely accessible X3050 management interfaces should be reviewed promptly.
Recommended defensive actions
- Inventory all SenseLive X3050 V1.523 devices and confirm which ones expose the web management interface.
- Restrict access to the management interface to trusted administrative networks and least-privilege users.
- Review and validate current configuration values for IP addressing, watchdog timers, reconnect intervals, and service ports against known-good baselines.
- Back up current configurations and verify recovery procedures so unsafe settings can be rolled back quickly if needed.
- Monitor for unauthorized or unexpected configuration changes on management interfaces and related network services.
- Follow CISA ICS recommended practices and contact SenseLive for product-specific guidance using the vendor contact path provided in the advisory.
Evidence notes
Primary facts come from the CISA CSAF advisory for ICSA-26-111-12, published 2026-04-21, and its referenced CVE record. The supplied advisory text states that the X3050 web management interface can accept unsupported or unsafe values for sensitive settings and that these changes may destabilize the device or render it persistently unavailable. The source also lists CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H, includes an SSVCv2 note of E:N/A:N/2026-04-20T06:00:00.000000Z, and says SenseLive did not respond to CISA’s coordination requests. The supplied data does not include a KEV entry.
Official resources
- CVE-2026-40623 CVE record (CVE.org)
- CVE-2026-40623 NVD detail (NVD)
- Source item URL (cisa_csaf)
- Source reference (Reference)
CISA published the advisory on 2026-04-21. In the supplied advisory text, SenseLive did not respond to CISA’s requests to coordinate. The supplied data does not include a KEV entry.