Search
Search Results (8 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-54860 | 1 Cognex | 2 In-sight Camera Firmware, In Sight Explorer | 2025-09-19 | 7.7 High |
| Cognex In-Sight Explorer and In-Sight Camera Firmware expose a telnet-based service on port 23 in order to allow management operations on the device such as firmware upgrades and device reboot requiring an authentication. A wrong management of login failures of the service allows a denial-of-service attack, leaving the telnet service into an unreachable state. | ||||
| CVE-2025-52873 | 1 Cognex | 2 In-sight Camera Firmware, In-sight Explorer | 2025-09-19 | 8.1 High |
| Cognex In-Sight Explorer and In-Sight Camera Firmware expose a telnet-based service on port 23 to allow management operations such as firmware upgrades and device reboots, which require authentication. A user with protected privileges can successfully invoke the SetSystemConfig functionality to modify relevant device properties (such as network settings), contradicting the security model proposed in the user manual. | ||||
| CVE-2025-54497 | 1 Cognex | 2 In-sight Camera Firmware, In-sight Explorer | 2025-09-19 | 8.1 High |
| Cognex In-Sight Explorer and In-Sight Camera Firmware expose a telnet-based service on port 23 to allow management operations such as firmware upgrades and device reboots, which require authentication. A user with protected privileges can successfully invoke the SetSerialPort functionality to modify relevant device properties (such as serial interface settings), contradicting the security model proposed in the user manual. | ||||
| CVE-2025-54818 | 1 Cognex | 2 In-sight Camera Firmware, In-sight Explorer | 2025-09-19 | 8 High |
| Cognex In-Sight Explorer and In-Sight Camera Firmware expose a proprietary protocol on TCP port 1069 to perform management operations such as modifying system properties. The user management functionality handles sensitive data such as registered usernames and passwords over an unencrypted channel, allowing an adjacent attacker to intercept valid credentials to gain access to the device. | ||||
| CVE-2025-54810 | 1 Cognex | 2 In-sight Camera Firmware, In-sight Explorer | 2025-09-19 | 8 High |
| Cognex In-Sight Explorer and In-Sight Camera Firmware expose a proprietary protocol on TCP port 1069 to perform management operations such as modifying system properties. The user management functionality handles sensitive data such as registered usernames and passwords over an unencrypted channel, allowing an adjacent attacker to intercept valid credentials to gain access to the device. | ||||
| CVE-2025-53969 | 1 Cognex | 2 In-sight Camera Firmware, In-sight Explorer | 2025-09-19 | 8.8 High |
| Cognex In-Sight Explorer and In-Sight Camera Firmware expose a service implementing a proprietary protocol on TCP port 1069 to allow the client-side software, such as the In-Sight Explorer tool, to perform management operations such as changing network settings or modifying users' access to the device. | ||||
| CVE-2025-54754 | 1 Cognex | 2 In-sight Camera Firmware, In-sight Explorer | 2025-09-19 | 8 High |
| An attacker with adjacent access, without authentication, can exploit this vulnerability to retrieve a hard-coded password embedded in publicly available software. This password can then be used to decrypt sensitive network traffic, affecting the Cognex device. | ||||
| CVE-2025-53947 | 2 Cognex, Microsoft | 3 In-sight Camera Firmware, In-sight Explorer, Windows | 2025-09-19 | 7.7 High |
| A local attacker with low privileges on the Windows system where the software is installed can exploit this vulnerability to corrupt sensitive data. A data folder is created with very weak privileges, allowing any user logged into the Windows system to modify its content. | ||||
Page 1 of 1.