CVE-2025-53969

Summary

Cognex In-Sight Explorer and In-Sight Camera Firmware expose a service implementing a proprietary protocol on TCP port 1069 to allow the client-side software, such as the In-Sight Explorer tool, to perform management operations such as changing network settings or modifying users' access to the device.

Affected Software

VendorProductVersion RangeStatus
CognexIn-Sight 2000 series5.x <= 6.5.1affected
CognexIn-Sight 7000 series5.x <= 6.5.1affected
CognexIn-Sight 8000 series5.x <= 6.5.1affected
CognexIn-Sight 9000 series5.x <= 6.5.1affected
CognexIn-Sight Explorer5.x <= 6.5.1affected

Weaknesses

  • CWE-602: CWE-602

Workarounds

Cognex reports that In-Sight Explorer based vision systems are legacy products not intended for new applications. To reduce risk, asset owners are advised to switch to next generation In-Sight Vision Suite based vision systems, such as the In-Sight 2800, In-Sight 3800, In-Sight 8900 series embedded cameras.

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References