A broken access control flaw in the password reset feature of the Cognix Recon Client permits any authenticated user to craft requests that reset the passwords of arbitrary accounts. This weakness, identified as CWE-284, enables an attacker to forcibly take over other users’ accounts, potentially accessing sensitive data or persisting malicious control. As the vulnerability allows the attacker to avoid legitimate authorization steps, it effectively negates the integrity of user credentials and can serve as a vector for broader system compromise.

The affected system is Tata Consultancy Services’ Cognix Recon Client, specifically version 3.0. Users of this version are susceptible to abuse of the password reset routine, regardless of the user’s role or permissions within the application.

The CVSS score of 8.1 classifies this flaw as high severity, signifying substantial risk to confidentiality, integrity, and availability. The EPSS score of less than 1% indicates that, overall, exploit attempts are expected to be infrequent at this time, and the vulnerability is not yet listed in the CISA KEV catalog. Nevertheless, the exploit path requires only an authenticated session and the ability to send crafted requests, making it relatively straightforward for internal users or attackers who have compromised credentials. The attack vector is likely intra‑network or through compromised user accounts, exploiting the lack of role or ownership checks during the reset process.