Home / Vulnerability Intelligence / CVE-2026-40630

CVE-2026-40630 - Vulnerability Analysis

CriticalCVSS: 9.8

Last Updated: April 24, 2026

SenseLive X3050 - Authentication Bypass

Published: April 24, 2026Updated: April 24, 2026Remote Exploitable

Overview

SenseLive X3050 contains an authentication bypass caused by improper access control enforcement in the web management interface, letting attackers with network access bypass authentication and access sensitive configuration endpoints.

Severity & Score

Severity: Critical

CVSS Score: 9.8

Impact

Attackers can bypass authentication to access and modify sensitive device configurations, potentially compromising device security.

Mitigation

Update to the latest version with proper access control enforcement.

References

https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-111-12.json
https://senselive.io/contact
https://www.cisa.gov/news-events/ics-advisories/icsa-26-111-12

Related Resources

Vulnerability Intelligence Dashboard
Credential Scanner

Details

CVE ID: CVE-2026-40630
Severity: Critical
CVSS Score: 9.8
Type: broken_authentication
Status: new

CWE

CWE-288

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H