CVE-2025-52873

Summary

Cognex In-Sight Explorer and In-Sight Camera Firmware expose a telnet-based service on port 23 to allow management operations such as firmware upgrades and device reboots, which require authentication. A user with protected privileges can successfully invoke the SetSystemConfig functionality to modify relevant device properties (such as network settings), contradicting the security model proposed in the user manual.

Affected Software

VendorProductVersion RangeStatus
CognexIn-Sight 2000 series5.x <= 6.5.1affected
CognexIn-Sight 7000 series5.x <= 6.5.1affected
CognexIn-Sight 8000 series5.x <= 6.5.1affected
CognexIn-Sight 9000 series5.x <= 6.5.1affected
CognexIn-Sight Explorer5.x <= 6.5.1affected

Weaknesses

  • CWE-732: CWE-732

Workarounds

Cognex reports that In-Sight Explorer based vision systems are legacy products not intended for new applications. To reduce risk, asset owners are advised to switch to next generation In-Sight Vision Suite based vision systems, such as the In-Sight 2800, In-Sight 3800, In-Sight 8900 series embedded cameras.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References