CVE-2025-53947
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H
Summary
A local attacker with low privileges on the Windows system where the software is installed can exploit this vulnerability to corrupt sensitive data. A data folder is created with very weak privileges, allowing any user logged into the Windows system to modify its content.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Cognex | In-Sight 2000 series | 5.x <= 6.5.1 | affected |
| Cognex | In-Sight 7000 series | 5.x <= 6.5.1 | affected |
| Cognex | In-Sight 8000 series | 5.x <= 6.5.1 | affected |
| Cognex | In-Sight 9000 series | 5.x <= 6.5.1 | affected |
| Cognex | In-Sight Explorer | 5.x <= 6.5.1 | affected |
Weaknesses
- CWE-276: CWE-276
Workarounds
Cognex reports that In-Sight Explorer based vision systems are legacy products not intended for new applications. To reduce risk, asset owners are advised to switch to next generation In-Sight Vision Suite based vision systems, such as the In-Sight 2800, In-Sight 3800, In-Sight 8900 series embedded cameras.
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.