CVE-2026-25775

Awaiting Analysis Awaiting Analysis - Queue

BaseFortify

Publication date: 2026-04-24

Last updated on: 2026-04-24

Assigner: ICS-CERT

Description

A vulnerability in SenseLive X3050’s remote management service allows firmware retrieval and update operations to be performed without authentication or authorization. The service accepts firmware-related requests from any reachable host and does not verify user privileges, integrity of uploaded images, or the authenticity of provided firmware.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published

2026-04-24

Last Modified

2026-04-24

Generated

2026-05-07

EPSS Evaluated

2026-05-05

NVD

CVE-2026-25775

EUVD

EUVD-2026-25351

Affected Vendors & Products

Currently, no data is known.

Helpful Resources

Exploitability

CWE

KEV

CWE ID	Description
CWE-306	The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.

Attack-Flow Graph

Ask Our AI Assistant

Need more information? Ask your question to get an AI reply (Powered by our expertise)

0/70

CVE-2026-25775

BaseFortify

Description

CVSS Scores

EPSS Scores

Meta Information

Affected Vendors & Products

Helpful Resources

Exploitability

Attack-Flow Graph

Ask Our AI Assistant

EPSS Chart