All news with #cognex tag

CISA Issues Nine New ICS Advisories on Sep 18, 2025

🛡️ CISA released nine Industrial Control Systems (ICS) advisories on September 18, 2025, detailing vulnerabilities, exploits, and mitigations affecting multiple vendors and products. The advisories cover Westermo WeOS, Schneider Electric Saitel RTUs, Hitachi Energy Asset and Service Suites, Cognex In‑Sight devices, Dover Fueling Solutions ProGauge MagLink LX4 devices, plus updates for rail linking protocols and Mitsubishi FA engineering tools. Administrators and operators are urged to review the technical details and apply recommended mitigations promptly to reduce operational and safety risk.

Cognex In-Sight Firmware: Multiple High-Risk Flaws

🔒 Cognex disclosed multiple high-severity vulnerabilities in In-Sight Explorer and firmware for the In-Sight 2000/7000/8000/9000 series (versions 5.x through 6.5.1). Identified issues include hard-coded credentials, cleartext management protocols (including telnet and a proprietary TCP 1069 service), weak default permissions, authentication bypass via capture-replay, and insufficient server-side enforcement. CISA assigns high CVSS scores (up to 8.8 v3.1 and 8.6 v4), warns of credential disclosure, configuration manipulation, and potential denial-of-service, and recommends migration to newer In-Sight Vision Suite systems and network isolation.