CVE-2025-54497

Cognex In-Sight Explorer and In-Sight Camera Firmware expose 
a telnet-based service 
on port 23 to allow management operations such as firmware upgrades and 
device reboots, which require authentication. A user with protected 
privileges can successfully invoke the SetSerialPort functionality to 
modify relevant device properties (such as serial interface settings), 
contradicting the security model proposed in the user manual.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.1 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
icscertCNA
8.1 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: Unknown
Common Weakness Enumeration
References
https://www.cisa.gov/news-events/ics-advisories/icsa-25-261-06