CVE-2025-53969
published 2025-09-18CVE-2025-53969: Cognex In-Sight Explorer and In-Sight Camera Firmware expose a service implementing a proprietary protocol on TCP port 1069 to allow the client-side software…
PriorityP260high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EPSS
0.36%
28.2th percentile
Cognex In-Sight Explorer and In-Sight Camera Firmware expose
a service implementing a proprietary protocol on TCP port 1069 to allow
the client-side software, such as the In-Sight Explorer tool, to perform
management operations such as changing network settings or modifying
users' access to the device.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cognex | in-sight_2000_series | 5.x – 6.5.1 | — |
| cognex | in-sight_7000_series | 5.x – 6.5.1 | — |
| cognex | in-sight_8000_series | 5.x – 6.5.1 | — |
| cognex | in-sight_9000_series | 5.x – 6.5.1 | — |
| cognex | in-sight_explorer | 5.x – 6.5.1 | — |
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv4.08.6HIGHCVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
Cognex In-Sight Explorer and In-Sight Camera Firmware
cisa_ics·2025-09-18·CVSS 8.0
[HIGH] Cognex In-Sight Explorer and In-Sight Camera Firmware
ICS Advisory
##
Cognex In-Sight Explorer and In-Sight Camera Firmware
Release DateSeptember 18, 2025
Alert CodeICSA-25-261-06
Related topics:
Industrial Control System Vulnerabilities, Industrial Control Systems
View CSAF
## 1. EXECUTIVE SUMMARY
- CVSS v4 8.6
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Cognex
- Equipment: In-Sight Explorer, In-Sight Camera Firmware
- Vulnerabilities: Use of Hard-coded Password, Cleartext Transmission of Sensitive Information, Incorrect Default Permissions, Improper Restriction of Excessive Authentication Attempts, Incorrect Permission Assignment for Critical Resource, Authentication Bypass by Capture-replay, Client-Side Enforcement of Server-Side Security
## 2. RISK EVALUATION
Successful exploitati
GHSA
GHSA-cw2c-4c8r-3m6v: Cognex In-Sight Explorer and In-Sight Camera Firmware expose
a service implementing a proprietary protocol on TCP port 1069 to allow
the client-side s
ghsa_unreviewed·2025-09-19
CVE-2025-53969 [HIGH] CWE-602 GHSA-cw2c-4c8r-3m6v: Cognex In-Sight Explorer and In-Sight Camera Firmware expose
a service implementing a proprietary protocol on TCP port 1069 to allow
the client-side s
Cognex In-Sight Explorer and In-Sight Camera Firmware expose
a service implementing a proprietary protocol on TCP port 1069 to allow
the client-side software, such as the In-Sight Explorer tool, to perform
management operations such as changing network settings or modifying
users' access to the device.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2025-09-18
Published