Cognex In-Sight 2000 Series vulnerabilities
9 known vulnerabilities affecting cognex/in-sight_2000_series.
Total CVEs
9
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH9
Vulnerabilities
Page 1 of 1
CVE-2025-53969P2HIGHCVSS 8.8≥ 5.x, ≤ 6.5.12025-09-18
CVE-2025-53969 [HIGH] CWE-602 CVE-2025-53969: Cognex In-Sight Explorer and In-Sight Camera Firmware expose a service implementing a proprietary p
Cognex In-Sight Explorer and In-Sight Camera Firmware expose
a service implementing a proprietary protocol on TCP port 1069 to allow
the client-side software, such as the In-Sight Explorer tool, to perform
management operations such as changing network settings or modifying
users' access to the device.
nvd
CVE-2025-52873P3HIGHCVSS 8.1≥ 5.x, ≤ 6.5.12025-09-18
CVE-2025-52873 [HIGH] CWE-732 CVE-2025-52873: Cognex In-Sight Explorer and In-Sight Camera Firmware expose a telnet-based service on port 23 to a
Cognex In-Sight Explorer and In-Sight Camera Firmware expose
a telnet-based service on port 23 to allow management operations such as
firmware upgrades and device reboots, which require authentication. A
user with protected privileges can successfully invoke the
SetSystemConfig functionality to modify relevant device properties (such
as network setting
nvd
CVE-2025-54497P3HIGHCVSS 8.1≥ 5.x, ≤ 6.5.12025-09-18
CVE-2025-54497 [HIGH] CWE-732 CVE-2025-54497: Cognex In-Sight Explorer and In-Sight Camera Firmware expose a telnet-based service on port 23 to
Cognex In-Sight Explorer and In-Sight Camera Firmware expose
a telnet-based service
on port 23 to allow management operations such as firmware upgrades and
device reboots, which require authentication. A user with protected
privileges can successfully invoke the SetSerialPort functionality to
modify relevant device properties (such as serial interface se
nvd
CVE-2025-54754P3HIGHCVSS 8.0≥ 5.x, ≤ 6.5.12025-09-18
CVE-2025-54754 [HIGH] CWE-259 CVE-2025-54754: An attacker with adjacent access, without authentication, can exploit this vulnerability to retriev
An attacker with adjacent access, without authentication, can exploit
this vulnerability to retrieve a hard-coded password embedded in
publicly available software. This password can then be used to decrypt
sensitive network traffic, affecting the Cognex device.
nvd
CVE-2025-47698P3HIGHCVSS 8.6≥ 5.x, ≤ 6.5.12025-09-18
CVE-2025-47698 [HIGH] CWE-319 CVE-2025-47698: An adjacent attacker without authentication can exploit this vulnerability to retrieve a set of user
An adjacent attacker without authentication can exploit this vulnerability to retrieve a set of user-privileged credentials. These credentials are present during the firmware upgrade procedure.
nvd
CVE-2025-54810P3HIGHCVSS 8.0≥ 5.x, ≤ 6.5.12025-09-18
CVE-2025-54810 [HIGH] CWE-294 CVE-2025-54810: Cognex In-Sight Explorer and In-Sight Camera Firmware expose a proprietary protocol on TCP port 10
Cognex In-Sight Explorer and In-Sight Camera Firmware expose
a proprietary protocol on TCP port 1069 to perform management operations
such as modifying system properties. The user management functionality
handles sensitive data such as registered usernames and passwords over
an unencrypted channel, allowing an adjacent attacker to intercept valid
crede
nvd
CVE-2025-54818P3HIGHCVSS 8.0≥ 5.x, ≤ 6.5.12025-09-18
CVE-2025-54818 [HIGH] CWE-319 CVE-2025-54818: Cognex In-Sight Explorer and In-Sight Camera Firmware expose a proprietary protocol on TCP port 10
Cognex In-Sight Explorer and In-Sight Camera Firmware expose
a proprietary protocol on TCP port 1069 to perform management operations
such as modifying system properties. The user management functionality
handles sensitive data such as registered usernames and passwords over
an unencrypted channel, allowing an adjacent attacker to intercept valid
crede
nvd
CVE-2025-54860P3HIGHCVSS 7.7≥ 5.x, ≤ 6.5.12025-09-18
CVE-2025-54860 [HIGH] CWE-307 CVE-2025-54860: Cognex In-Sight Explorer and In-Sight Camera Firmware expose a telnet-based service on port 23 in or
Cognex In-Sight Explorer and In-Sight Camera Firmware expose a telnet-based service on port 23 in order to allow
management operations on the device such as firmware upgrades and device
reboot requiring an authentication. A wrong management of login
failures of the service allows a denial-of-service attack, leaving the telnet service
into an unreachab
nvd
CVE-2025-53947P3HIGHCVSS 7.7≥ 5.x, ≤ 6.5.12025-09-18
CVE-2025-53947 [HIGH] CWE-276 CVE-2025-53947: A local attacker with low privileges on the Windows system where the software is installed can expl
A local attacker with low privileges on the Windows system where the
software is installed can exploit this vulnerability to corrupt
sensitive data. A data folder is created with very weak privileges,
allowing any user logged into the Windows system to modify its content.
nvd