CVE-2025-54860
BaseFortify

Publication date: 2025-09-18

Last updated on: 2025-09-19

Assigner: ICS-CERT

Description
Cognex In-Sight Explorer and In-Sight Camera Firmware expose a telnet-based service on port 23 to allow management operations on the device, such as firmware upgrades and device reboot, which require authentication. Improper handling of login failures by the service allows a denial-of-service attack that leaves the telnet service in an unreachable state.
Meta Information
Published: 2025-09-18
Last Modified: 2025-09-19
Generated: 2026-06-16
AI Q&A: 2025-09-19
EPSS Evaluated: 2026-06-14
Affected Vendors & Products
Showing 2 associated CPEs
Vendor | Product | Version / Range
cognex | in-sight_explorer | *
cognex | in-sight_camera | *
CWE ID | Description
CWE-307 | The product does not implement sufficient measures to prevent multiple failed authentication attempts within a short time frame.
Executive Summary

This vulnerability exists in Cognex In-Sight Explorer and In-Sight Camera Firmware, which expose a telnet-based service on port 23 for management operations such as firmware upgrades and device reboot. The service requires authentication, but because login failures are handled improperly, an attacker can cause a denial-of-service (DoS) condition that makes the telnet service unreachable.

Impact Analysis

The vulnerability causes a denial-of-service condition on the telnet management service of the affected devices. Legitimate management operations such as firmware upgrades or device reboots may become impossible, potentially disrupting device functionality and maintenance.
