What is CVE-2026-40623?

CVE-2026-40623 is a high-severity vulnerability in Senselive X3050, classified under Missing Authorization. CVSS score: 8.1/10. Published 2026-04-24.

How severe is CVE-2026-40623?

High severity. CVSS v3 base score is 8.1 out of 10.

Auth bypass in Senselive X3050

CVE-2026-40623

A vulnerability in SenseLive X3050's web management interface allows critical system and network configuration parameters to be modified without sufficient validation and safety controls. Due to inadequate enforcement of constraints on sen…

Vulnerability class: Broken Access Control

EPSS: 0.000 (12.3th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.1 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H.

Affected products

Senselive X3050 — versions V1.523
Senselive X3500
Senselive X3500_firmware — versions 1.523

Weakness classification (CWE)

CWE-862 — Missing Authorization

References

ics-cert@hq.dhs.gov (Product)
ics-cert@hq.dhs.gov (US Government Resource)
ics-cert@hq.dhs.gov (Third Party Advisory)

Frequently asked questions

What is CVE-2026-40623?: CVE-2026-40623 is a high-severity vulnerability in Senselive X3050, classified under Missing Authorization. CVSS score: 8.1/10. Published 2026-04-24.
How severe is CVE-2026-40623?: High severity. CVSS v3 base score is 8.1 out of 10.