PT-2022-4704 · Cognex · Cognex 3D-A1000 Dimensioning System

Brandon Park +3 · Published 2022-09-06 · Updated 2022-09-12 · CVE-2022-1522

CVSS v3.1: 5.3 (Medium)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions

Cognex 3D-A1000 Dimensioning System versions 1.0.3 (3354) and prior

Description

The issue is related to improper output neutralization for logs, which a remote attacker can exploit to create arbitrary log files. This can lead to false logs that show the password as having been changed when it has not been, complicating forensic analysis.

Recommendations

For versions 1.0.3 (3354) and prior, consider disabling the logging functionality until a patch is available to prevent the creation of false logs. Restrict access to the logging module to minimize the risk of exploitation. Avoid relying on log files for password change tracking until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.
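
The weakness class named in the description, shown as an added example for teams reviewing their own logging code. It is not Cognex code and does not reproduce the device's log format: the record layout, event names, function names and sample input are all constructed assumptions.

```python
import re

# Backslash, double quote, C0/C1 control characters, DEL and the Unicode
# line/paragraph separators: everything that could end or disguise a record.
UNSAFE = re.compile(r'[\\"\x00-\x1f\x7f-\x9f\u2028\u2029]')

# Assumed record layout: "<ISO timestamp>Z event=<name> user=<value>"
RECORD = re.compile(r"^\d{4}-\d\d-\d\dT\d\d:\d\d:\d\dZ event=\w+ user=")

# Constructed untrusted input carrying an embedded line break.
FORGED_USER = "guest\n2022-09-06T10:00:01Z event=password_changed user=admin"


def escape_char(match):
    ch = match.group()
    # Keep backslash and quote reversible; render everything else as \uXXXX.
    return "\\" + ch if ch in '\\"' else f"\\u{ord(ch):04x}"


def neutralize(value: str) -> str:
    """Escape an untrusted value so it stays inside one log record."""
    return UNSAFE.sub(escape_char, value)


def format_record_unsafe(ts: str, event: str, user: str) -> str:
    # Weak form: the untrusted field is written verbatim.
    return f"{ts} event={event} user={user}"


def format_record(ts: str, event: str, user: str) -> str:
    # Hardened form: the field is neutralized and quoted.
    return f'{ts} event={event} user="{neutralize(user)}"'


def count_records(log_text: str) -> int:
    """Count lines a log reader would accept as separate records."""
    return sum(1 for line in log_text.splitlines() if RECORD.match(line))


if __name__ == "__main__":
    ts = "2022-09-06T10:00:00Z"
    print(count_records(format_record_unsafe(ts, "login_failed", FORGED_USER)))
    print(count_records(format_record(ts, "login_failed", FORGED_USER)))
    print(format_record(ts, "login_failed", FORGED_USER))
```

With the weak formatter the single call yields two lines that both parse as records; with the hardened one the whole value stays inside one quoted field, so an analyst can see it was supplied as input.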

Weakness Enumeration

Related Identifiers

BDU:2022-05594
CVE-2022-1522

Affected Products

Cognex 3D-A1000 Dimensioning System