Home / Vulnerability Intelligence / CVE-2026-39462

CVE-2026-39462 - Vulnerability Analysis

HighCVSS: 8.1

Last Updated: April 24, 2026

SenseLive X3050 - Authentication Bypass

Published: April 24, 2026Updated: April 24, 2026Remote Exploitable

Overview

SenseLive X3050 contains a broken authentication caused by improper handling of credential changes in the web management interface, letting attackers bypass password updates after factory reset, exploit requires access to the device interface.

Severity & Score

Severity: High

CVSS Score: 8.1

Impact

Attackers can bypass password changes, potentially allowing unauthorized access to the device even after factory reset.

Mitigation

Update to the latest firmware version that fixes credential handling issues.

References

https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-111-12.json
https://senselive.io/contact
https://www.cisa.gov/news-events/ics-advisories/icsa-26-111-12

Related Resources

Vulnerability Intelligence Dashboard
Credential Scanner

Details

CVE ID: CVE-2026-39462
Severity: High
CVSS Score: 8.1
Type: broken_authentication
Status: new

CWE

CWE-522

CVSS Metrics

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H