October 26, 2025
Some industrial machine-vision cameras from Cognex are affected by multiple serious vulnerabilities but will not receive patch support. These issues impact legacy In-Sight series (2000, 7000, 8000, 9000) and associated client software, and include hardcoded passwords, authentication bypass, privilege escalation, insecure default permissions, and the transmission of sensitive data in cleartext. Because these flaws are tied to older models, the vendor advises users to migrate to newer hardware rather than expect software fixes.
Although these cameras are typically deployed in isolated or controlled environments, a malicious actor who gains access to the same network segment could exploit the vulnerabilities to intercept credentials, elevate privileges, or interpose attacks against connected systems. As long as the devices remain in operation without vendor remediation, the risk can only be reduced—not fully eliminated—through mitigations such as strict network segmentation, limiting exposure to only trusted segments, enforcing VPN or firewall protections, and deploying threat detection to flag anomalous behavior.