High severity7.5NVD Advisory· Published Apr 24, 2026· Updated Apr 28, 2026
CVE-2026-35064
CVE-2026-35064
Description
A vulnerability in SenseLive X3050’s management ecosystem allows unauthenticated discovery of deployed units through the vendor’s management protocol, enabling identification of device presence, identifiers, and management interfaces without requiring credentials. Because discovery functions are exposed by the underlying service rather than gated by authentication, an attacker on the same network segment can rapidly enumerate targeted devices.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- cpe:2.3:o:senselive:x3500_firmware:1.523:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
3- github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-111-12.jsonnvdThird Party Advisory
- senselive.io/contactnvdProduct
- www.cisa.gov/news-events/ics-advisories/icsa-26-111-12nvdUS Government Resource
News mentions
1- SenseLive X3050CISA Alerts