Several industrial cameras produced by Cognex have been identified with serious security vulnerabilities, and the company has stated that no patches will be released for affected models. Organizations using these devices are being advised to transition to newer versions to maintain secure operations.

The Cybersecurity and Infrastructure Security Agency (CISA) issued an advisory on September 18, highlighting the risks associated with Cognex In-Sight products. These cameras, widely used in manufacturing facilities, guide robotic operations, inspect products for quality, and track inventory—functions critical to many industrial environments.

Security researchers from Nozomi Networks discovered nine distinct vulnerabilities affecting In-Sight 2000, 7000, 8000, and 9000 cameras, as well as the In-Sight Explorer client software used for device management. The flaws include hardcoded passwords, sensitive data transmitted in cleartext, incorrect default permissions, privilege escalation, authentication bypass, and denial-of-service (DoS) weaknesses. Most of these issues have been rated as high severity.

While these vulnerabilities cannot be exploited directly from the internet, an attacker with access to the network where the cameras are deployed could leverage these weaknesses to compromise the devices and connected systems.

Nozomi Networks outlined three potential attack scenarios:

1. Man-in-the-Middle Attack: An attacker on the same network could intercept and decrypt user credentials to gain system access.
2. Privilege Escalation: A low-privileged user could exploit vulnerabilities to obtain administrative permissions.
3. Disruption via Workstation: A low-privileged attacker on the engineering workstation running In-Sight Explorer could cause major system disruptions.

Cognex has clarified that these vulnerabilities affect legacy products not intended for new deployments and will not be patched. They recommend migrating to In-Sight 2800, 3800, and 8900 series cameras for continued operational security.

For organizations unable to immediately replace legacy devices, Nozomi and CISA recommend risk mitigation strategies, including:

• Limiting network exposure of vulnerable cameras.
• Segmenting industrial control networks from business networks.
• Using VPNs for secure remote access.
• Deploying specialized cybersecurity solutions capable of detecting and blocking attacks targeting industrial systems.

These precautions are critical for organizations relying on Cognex cameras to maintain operational integrity while addressing the inherent risks posed by unpatched industrial devices.

Source: https://www.securityweek.com/no-patches-for-vulnerabilities-allowing-cognex-industrial-camera-hacking