CVE-2026-25720

Summary

A vulnerability exists in SenseLive

X3050’s web management interface due to improper session lifetime enforcement, allowing authenticated sessions to remain active for extended periods without requiring re-authentication. An attacker with access to a previously authenticated session could continue interacting with administrative functions long after legitimate user activity has ceased.

Affected Software

VendorProductVersion RangeStatus
SenseLiveX3050V1.523affected

Weaknesses

  • CWE-613: CWE-613 Insufficient session expiration

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References