cbcvebase.

Cognex In-Sight 2000 Series vulnerabilities

9 known vulnerabilities affecting cognex/in-sight_2000_series.

Total CVEs
9
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH9

Vulnerabilities

Page 1 of 1
CVE-2025-53969P2HIGHCVSS 8.8≥ 5.x, ≤ 6.5.12025-09-18
CVE-2025-53969 [HIGH] CWE-602 CVE-2025-53969: Cognex In-Sight Explorer and In-Sight Camera Firmware expose a service implementing a proprietary p Cognex In-Sight Explorer and In-Sight Camera Firmware expose a service implementing a proprietary protocol on TCP port 1069 to allow the client-side software, such as the In-Sight Explorer tool, to perform management operations such as changing network settings or modifying users' access to the device.
nvd
CVE-2025-52873P3HIGHCVSS 8.1≥ 5.x, ≤ 6.5.12025-09-18
CVE-2025-52873 [HIGH] CWE-732 CVE-2025-52873: Cognex In-Sight Explorer and In-Sight Camera Firmware expose a telnet-based service on port 23 to a Cognex In-Sight Explorer and In-Sight Camera Firmware expose a telnet-based service on port 23 to allow management operations such as firmware upgrades and device reboots, which require authentication. A user with protected privileges can successfully invoke the SetSystemConfig functionality to modify relevant device properties (such as network setting
nvd
CVE-2025-54497P3HIGHCVSS 8.1≥ 5.x, ≤ 6.5.12025-09-18
CVE-2025-54497 [HIGH] CWE-732 CVE-2025-54497: Cognex In-Sight Explorer and In-Sight Camera Firmware expose a telnet-based service on port 23 to Cognex In-Sight Explorer and In-Sight Camera Firmware expose a telnet-based service on port 23 to allow management operations such as firmware upgrades and device reboots, which require authentication. A user with protected privileges can successfully invoke the SetSerialPort functionality to modify relevant device properties (such as serial interface se
nvd
CVE-2025-54754P3HIGHCVSS 8.0≥ 5.x, ≤ 6.5.12025-09-18
CVE-2025-54754 [HIGH] CWE-259 CVE-2025-54754: An attacker with adjacent access, without authentication, can exploit this vulnerability to retriev An attacker with adjacent access, without authentication, can exploit this vulnerability to retrieve a hard-coded password embedded in publicly available software. This password can then be used to decrypt sensitive network traffic, affecting the Cognex device.
nvd
CVE-2025-47698P3HIGHCVSS 8.6≥ 5.x, ≤ 6.5.12025-09-18
CVE-2025-47698 [HIGH] CWE-319 CVE-2025-47698: An adjacent attacker without authentication can exploit this vulnerability to retrieve a set of user An adjacent attacker without authentication can exploit this vulnerability to retrieve a set of user-privileged credentials. These credentials are present during the firmware upgrade procedure.
nvd
CVE-2025-54810P3HIGHCVSS 8.0≥ 5.x, ≤ 6.5.12025-09-18
CVE-2025-54810 [HIGH] CWE-294 CVE-2025-54810: Cognex In-Sight Explorer and In-Sight Camera Firmware expose a proprietary protocol on TCP port 10 Cognex In-Sight Explorer and In-Sight Camera Firmware expose a proprietary protocol on TCP port 1069 to perform management operations such as modifying system properties. The user management functionality handles sensitive data such as registered usernames and passwords over an unencrypted channel, allowing an adjacent attacker to intercept valid crede
nvd
CVE-2025-54818P3HIGHCVSS 8.0≥ 5.x, ≤ 6.5.12025-09-18
CVE-2025-54818 [HIGH] CWE-319 CVE-2025-54818: Cognex In-Sight Explorer and In-Sight Camera Firmware expose a proprietary protocol on TCP port 10 Cognex In-Sight Explorer and In-Sight Camera Firmware expose a proprietary protocol on TCP port 1069 to perform management operations such as modifying system properties. The user management functionality handles sensitive data such as registered usernames and passwords over an unencrypted channel, allowing an adjacent attacker to intercept valid crede
nvd
CVE-2025-54860P3HIGHCVSS 7.7≥ 5.x, ≤ 6.5.12025-09-18
CVE-2025-54860 [HIGH] CWE-307 CVE-2025-54860: Cognex In-Sight Explorer and In-Sight Camera Firmware expose a telnet-based service on port 23 in or Cognex In-Sight Explorer and In-Sight Camera Firmware expose a telnet-based service on port 23 in order to allow management operations on the device such as firmware upgrades and device reboot requiring an authentication. A wrong management of login failures of the service allows a denial-of-service attack, leaving the telnet service into an unreachab
nvd
CVE-2025-53947P3HIGHCVSS 7.7≥ 5.x, ≤ 6.5.12025-09-18
CVE-2025-53947 [HIGH] CWE-276 CVE-2025-53947: A local attacker with low privileges on the Windows system where the software is installed can expl A local attacker with low privileges on the Windows system where the software is installed can exploit this vulnerability to corrupt sensitive data. A data folder is created with very weak privileges, allowing any user logged into the Windows system to modify its content.
nvd
Cognex In-Sight 2000 Series vulnerabilities | cvebase