cbcvebase.
CVE-2022-1368
published 2022-09-06

CVE-2022-1368: The Cognex 3D-A1000 Dimensioning System in firmware version 1.0.3 (3354) and prior is vulnerable to CWE-306: Missing Authentication for Critical Function…

PriorityP262critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
0.78%
51.2th percentile
The Cognex 3D-A1000 Dimensioning System in firmware version 1.0.3 (3354) and prior is vulnerable to CWE-306: Missing Authentication for Critical Function, which allows unauthorized users to change the operator account password via webserver commands by monitoring web socket communications from an unauthenticated session. This could allow an attacker to escalate privileges to match those of the compromised account.

Affected

2 ranges
VendorProductVersion rangeFixed in
cognex3d-a1000_dimensioning_systemall – 1.0.3 (3354)
cognex3d-a1000_dimensioning_system_firmware<= 1.0.3\(3354\)

Detection & IOCsextracted from sources · hover to see the quote

  • Monitor for unauthenticated WebSocket sessions that issue password-change commands to the Cognex 3D-A1000 web server — the vulnerability allows password changes via webserver commands observed from an unauthenticated session
  • Alert on any operator account password change events originating from unauthenticated WebSocket sessions on the Cognex 3D-A1000 device
  • Be aware that log entries showing a password change may be falsified by an attacker (CWE-117); do not rely solely on password-change log events for forensic confirmation of exploitation
  • Detect attempts to bypass web access controls by inspecting client-side source code of password-protected web elements on the device (CWE-602); monitor for unexpected direct HTTP requests to protected endpoints that bypass normal UI flow
  • ·Vulnerability affects firmware version 1.0.3 (3354) and prior; devices running release 1.2 PR2 or later are reportedly patched — scope detection rules to unpatched firmware versions only
  • ·No known public exploits specifically target these vulnerabilities at time of advisory publication — threat hunting should be prioritized over signature-based detection
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.