CVE-2025-54818 HIGH

CVE-2025-54818: Cognex In-Sight Explorer and In-Sight Camera Firmware Cleartext Transmission of Sensitive Information

Vendor Cognex
Product In-Sight 2000 series
Weakness CWE-319 · Cleartext transmission
Published September 18, 2025
Last update September 19, 2025

CVSS base score

8.0/10
Attack vector Adjacent
Attack complexity Low
Privileges required None
User interaction Required
Confidentiality High
Integrity High

CVSS vector

CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

What the vulnerability does

01Description

Cognex In-Sight Explorer and In-Sight Camera Firmware expose a proprietary protocol on TCP port 1069 to perform management operations such as modifying system properties. The user management functionality handles sensitive data such as registered usernames and passwords over an unencrypted channel, allowing an adjacent attacker to intercept valid credentials to gain access to the device.

Key dates

02Disclosure timeline

September 18, 2025 CVE published
September 19, 2025 Record updated