Recently, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued a warning about a serious vulnerability in various Honeywell CCTV products. This flaw could allow unauthorized users to access video feeds or hijack accounts.
Discovered by researcher Souvik Kanda, this vulnerability, labeled CVE-2026-1670, has a high severity score of 9.8. It means that an attacker could change the recovery email for an account, leading to a potential takeover and access to sensitive camera feeds.
CISA described how this vulnerability exposes an unauthenticated API endpoint. This could let attackers remotely change the “forgot password” recovery email. It’s crucial for users to be aware of the affected models, which include:
- I-HIB2PI-UL 2MP IP 6.1.22.1216
- SMB NDAA MVO-3 WDR_2MP_32M_PTZ_v2.0
- PTZ WDR 2MP 32M WDR_2MP_32M_PTZ_v2.0
- 25M IPC WDR_2MP_32M_PTZ_v2.0
Honeywell is a key player in the security industry, supplying various CCTV models used in commercial and governmental settings. The affected models are often employed in small to medium-sized businesses, offices, and critical facilities.
As of February 17, CISA reported no known cases of this vulnerability being exploited in the wild. However, they advise users to take precautionary measures, such as minimizing network exposure for these devices. Isolating them behind firewalls and using secure methods like updated VPNs for remote access are smart strategies to enhance security.
Although Honeywell hasn’t released a specific advisory about this issue, users should reach out to their support team for guidance on potential patches and updates.
In a broader context, the growing number of cyber threats highlights the importance of cybersecurity measures. According to a recent report by Cybersecurity Ventures, global cybercrime damages are expected to reach $10.5 trillion annually by 2025. This underscores the need for vigilant security practices in all sectors, especially where sensitive data is handled.
Staying informed about vulnerabilities and how to mitigate risks is key for all users, particularly those using connected technology. Ensuring devices are updated and protected is essential in safeguarding against potential attacks.
