PatchSiren cyber security CVE debrief
CVE-2025-53947 Cognex CVE debrief
CVE-2025-53947 affects Cognex In-Sight Explorer and In-Sight Camera Firmware. CISA says a low-privilege local attacker on the Windows system where the software is installed can modify the contents of a data folder that was created with very weak permissions, which can lead to corruption of sensitive data. CISA rates the issue HIGH with CVSS 7.7. Cognex’s remediation note in the advisory says the affected In-Sight Explorer-based vision systems are legacy products and recommends moving to next-generation In-Sight Vision Suite-based systems.
- Vendor: Cognex
- Product: In-Sight 2000 series
- CVSS: HIGH 7.7
- CISA KEV: Not listed in stored evidence
- Original CVE published: 2025-09-18
- Original CVE updated: 2025-09-18
- Advisory published: 2025-09-18
- Advisory updated: 2025-09-18
Who should care
OT/ICS operators, Windows administrators, machine-vision integrators, and asset owners running Cognex In-Sight Explorer or affected In-Sight camera firmware on shared Windows systems.
Technical summary
The supplied CISA CSAF advisory describes a local attack path on the Windows host where the software is installed. The attacker needs low privileges and no user interaction, and can modify a data folder that was created with very weak permissions. CISA’s CVSS 3.1 vector is CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H, reflecting integrity and availability impact from unauthorized modification of sensitive data. The advisory scope includes In-Sight Explorer plus In-Sight 2000, 7000, 8000, and 9000 series products, and the vendor notes that the In-Sight Explorer-based systems are legacy products.
Defensive priority
High. The issue is locally exploitable, requires only low privilege on the Windows host, and can affect sensitive data integrity in industrial vision deployments.
Recommended defensive actions
- Identify any installations of Cognex In-Sight Explorer and affected In-Sight camera firmware on Windows systems.
- Review whether the affected systems are legacy deployments and plan migration to Cognex’s next-generation In-Sight Vision Suite-based systems, as recommended by the vendor.
- Treat weak folder permissions on the affected Windows host as a security issue and verify that only intended administrative users can modify related application data.
- Use CISA’s industrial control system recommended practices and defense-in-depth guidance to reduce risk while planning remediation.
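One way to carry out the folder-permission check above, as an added example that is not taken from the CISA advisory or from Cognex. The folder path is a placeholder parameter because the advisory text quoted here does not name the data folder, and the list of "broad" principals is an assumption about what counts as too permissive.

```powershell
# Added example: report write-capable Allow ACEs held by broad groups on a folder tree.
# $Path is a placeholder; supply the application data folder used on this host.
param(
    [Parameter(Mandatory)][string]$Path
)

$fsr = [System.Security.AccessControl.FileSystemRights]
# Rights that let a principal change or replace folder contents, or rewrite the ACL.
$writeMask = [int]($fsr::WriteData -bor $fsr::AppendData -bor $fsr::Delete -bor
                   $fsr::DeleteSubdirectoriesAndFiles -bor $fsr::ChangePermissions -bor
                   $fsr::TakeOwnership)
# GENERIC_WRITE and GENERIC_ALL can appear unmapped on inherit-only ACEs.
$genericMask = 0x40000000 -bor 0x10000000

# Well-known SIDs (assumed "broad" set), so the check also works on non-English Windows.
$broad = @{
    'S-1-1-0'      = 'Everyone'
    'S-1-5-11'     = 'Authenticated Users'
    'S-1-5-32-545' = 'BUILTIN\Users'
    'S-1-5-4'      = 'INTERACTIVE'
}

# The folder itself plus every subfolder (files inherit from these in the common case).
$targets = @(Get-Item -LiteralPath $Path) +
           @(Get-ChildItem -LiteralPath $Path -Recurse -Directory -Force -ErrorAction SilentlyContinue)

$findings = foreach ($item in $targets) {
    $acl   = Get-Acl -LiteralPath $item.FullName
    # Ask for SIDs instead of account names to avoid localized group names.
    $rules = $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])
    foreach ($r in $rules) {
        $sid  = $r.IdentityReference.Value
        $bits = [int]$r.FileSystemRights
        if ($r.AccessControlType -eq 'Allow' -and $broad.ContainsKey($sid) -and
            (($bits -band $writeMask) -or ($bits -band $genericMask))) {
            [pscustomobject]@{
                Path      = $item.FullName
                Principal = $broad[$sid]
                Rights    = $r.FileSystemRights
                Inherited = $r.IsInherited
            }
        }
    }
}

# Non-zero exit code lets a scheduled compliance job flag the host.
if ($findings) { $findings | Format-Table -AutoSize -Wrap; exit 1 }
Write-Output "No broad write access found under $Path"
```

Rows with Inherited set to True have to be corrected on the parent folder that grants the entry, not on the folder where they are reported.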
Evidence notes
This debrief is based on the supplied CISA CSAF advisory for ICSA-25-261-06 / CVE-2025-53947, published 2025-09-18. The source text explicitly states that a low-privilege local attacker on the Windows system can corrupt sensitive data because a data folder was created with very weak privileges. The advisory’s remediation note identifies the affected In-Sight Explorer-based vision systems as legacy products and recommends migration to In-Sight Vision Suite-based systems.
Official resources
- CVE-2025-53947 CVE record (CVE.org)
- CVE-2025-53947 NVD detail (NVD)
- Source item URL (cisa_csaf)
CISA published the advisory and CVE details on 2025-09-18 as an initial publication. No KEV listing is included in the supplied data.