Sensitive network traffic vulnerability in Cognex devices
CVE-2025-54754

8.6HIGH

Key Information:

Vendor: Cognex
Status: In-sight 2000 Series; In-sight 7000 Series; In-sight 8000 Series; In-sight 9000 Series
Vendor: CVE Published:; 18 September 2025

What is CVE-2025-54754?

An uncovered vulnerability in Cognex devices allows an attacker with adjacent access to retrieve a hard-coded password embedded in publicly available software. This exploit permits unauthorized users to decrypt sensitive network traffic, posing a significant risk to data confidentiality and integrity.

Affected Version(s)

In-Sight 2000 series 5.x <= 6.5.1

In-Sight 7000 series 5.x <= 6.5.1

In-Sight 8000 series 5.x <= 6.5.1

References

https://www.cisa.gov/news-events/ics-advisories/icsa-25-2...

CVSS V4

Score:

8.6

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 18, 2025
Vulnerability Reserved
Aug 6, 2025

Credit

Diego Giubertoni of Nozomi Networks reported these vulnerabilities to CISA.