Mondoo Vulnerability Intelligence

Curated by Mondoo Research, enhanced with AI

Resources

Search Vulnerabilities
Trending CVEs
Browse Ecosystems
Terminology
Blog

Open Source

cnquery
cnspec

Star us on GitHub!

Company

Mondoo Platform
About
Contact

Vulnerability Intelligence

Customers

Vulnerability IntelligenceCVE-2025-54810

CVE-2025-54810

HIGH8.6

Cognex In-Sight Explorer and In-Sight Camera Firmware Authentication Bypass by Capture-replay

Published Sep 18, 2025

Modified 5 months ago

Details

Cognex In-Sight Explorer and In-Sight Camera Firmware expose

a proprietary protocol on TCP port 1069 to perform management operations such as modifying system properties. The user management functionality handles sensitive data such as registered usernames and passwords over an unencrypted channel, allowing an adjacent attacker to intercept valid credentials to gain access to the device.

References

WEB

https://www.cisa.gov/news-events/ics-advisories/icsa-25-261-06

ADVISORY

https://www.cve.org/CVERecord?id=CVE-2025-54810

CVSS Analysis

CVSS v4.0

8.6

Exploitability

Attack Vector

AdjacentAV:A

Attack Complexity

LowAC:L

Attack Requirements

NoneAT:N

Privileges Required

NonePR:N

User Interaction

PassiveUI:P

Vulnerable System

Vuln. Confidentiality

HighVC:H

Vuln. Integrity

HighVI:H

Vuln. Availability

HighVA:H

Subsequent System

Subseq. Confidentiality

NoneSC:N

Subseq. Integrity

NoneSI:N

Subseq. Availability

NoneSA:N

8.6/CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Weakness Type (CWE)

Other

CWE-294

Ecosystems

Timeline

PublishedSep 18, 2025

ModifiedSep 19, 2025

CVE-2025-54810 | Mondoo Vulnerability Intelligence