CVE-2025-53969
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
Cognex In-Sight Explorer and In-Sight Camera Firmware expose a service implementing a proprietary protocol on TCP port 1069 to allow the client-side software, such as the In-Sight Explorer tool, to perform management operations such as changing network settings or modifying users' access to the device.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Cognex | In-Sight 2000 series | 5.x <= 6.5.1 | affected |
| Cognex | In-Sight 7000 series | 5.x <= 6.5.1 | affected |
| Cognex | In-Sight 8000 series | 5.x <= 6.5.1 | affected |
| Cognex | In-Sight 9000 series | 5.x <= 6.5.1 | affected |
| Cognex | In-Sight Explorer | 5.x <= 6.5.1 | affected |
Weaknesses
- CWE-602: CWE-602
Workarounds
Cognex reports that In-Sight Explorer based vision systems are legacy products not intended for new applications. To reduce risk, asset owners are advised to switch to next generation In-Sight Vision Suite based vision systems, such as the In-Sight 2800, In-Sight 3800, In-Sight 8900 series embedded cameras.
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.