Cognex In-Sight Explorer and In-Sight Camera Firmware User Management Protocol Vulnerability
Vulnerability
A vulnerability exists in Cognex In-Sight Explorer and In-Sight Camera Firmware, specifically in versions 5.x up to and including 6.5.1. The issue arises from the user management functionality, which transmits sensitive information, including usernames and passwords, over an unencrypted channel. This flaw allows an adjacent attacker to intercept valid credentials and gain unauthorized access to the device. The vulnerability is linked to a proprietary protocol exposed on TCP port 1069, used for management operations such as modifying system properties.
Impact
Exploitation of this vulnerability could lead to the interception of user credentials, allowing unauthorized access to the affected device.
Remediation
Cognex advises users to transition to next-generation In-Sight Vision Suite-based systems, such as the In-Sight 2800, In-Sight 3800, or In-Sight 8900 series embedded cameras. For additional guidance, refer to the CISA recommendations for minimizing network exposure of control system devices and the CISA technical information paper on targeted cyber intrusion detection and mitigation strategies.
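As an added example (not from Cognex or CISA), the following sketch audits flow records for connections to the management protocol on TCP port 1069 that widen the exposure described above: sources outside the camera network, or hosts on it that are not approved management stations. The subnet, the allow-list, the record format and the sample flows are all constructed assumptions to adapt to your site.

```python
import csv
import io
import ipaddress

MGMT_PORT = 1069  # TCP port of the management protocol named in the advisory

# Assumptions (site-specific values constructed for this example):
CAMERA_NET = ipaddress.ip_network("10.20.30.0/24")    # vision-system VLAN
ALLOWED_MGMT = {ipaddress.ip_address("10.20.30.10")}  # engineering workstation

# Constructed flow records: time,src,dst,dst_port,proto
SAMPLE_FLOWS = """\
2024-05-01T08:00:01Z,10.20.30.10,10.20.30.51,1069,tcp
2024-05-01T08:03:17Z,10.20.30.77,10.20.30.51,1069,tcp
2024-05-01T08:05:42Z,192.168.5.23,10.20.30.52,1069,tcp
2024-05-01T08:06:00Z,10.20.30.10,10.20.30.51,80,tcp
2024-05-01T08:07:09Z,10.20.30.10,10.20.30.52,1069,udp
not,a,valid,record
"""

def audit_flows(text):
    """Return (time, src, dst, reason) for each TCP/1069 flow that widens exposure."""
    findings = []
    for row in csv.reader(io.StringIO(text)):
        try:
            when, src, dst, port, proto = row
            src, dst, port = ipaddress.ip_address(src), ipaddress.ip_address(dst), int(port)
        except ValueError:
            continue  # skip malformed records rather than abort the audit
        if proto.lower() != "tcp" or port != MGMT_PORT or dst not in CAMERA_NET:
            continue
        if src not in CAMERA_NET:
            reason = "routed: cleartext credentials cross a network boundary"
        elif src not in ALLOWED_MGMT:
            reason = "unapproved management host on camera VLAN"
        else:
            continue  # approved workstation on the same segment
        findings.append((when, str(src), str(dst), reason))
    return findings

if __name__ == "__main__":
    for finding in audit_flows(SAMPLE_FLOWS):
        print(*finding, sep="  ")
```

Each finding is a candidate for a firewall or ACL rule that limits TCP port 1069 to the approved management hosts.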
