The US Cybersecurity and Infrastructure Agency (CISA) has issued a warning of a critical vulnerability in multiple Honeywell CCTV products that gives unauthorized access to feeds or even leads to account hijacking. The vulnerability has been discovered by researcher Souvik Kanda and tracked as CVE-2026-1670. It has been classified as ‘missing authentication for critical function,’ and even received a critical severity score of 9.8.
For your information, the flaw allows hackers to change the recovery email address linked with a device account, giving up unauthorized access to camera feeds and account takeover. CISA said, ‘The affected product is vulnerable to an unauthenticated API endpoint exposure, which may allow an attacker to remotely change the “forgot password” recovery email address.’
Affected Models
According to the advisory issued by the US Cybersecurity and Infrastructure Agency (CISA), here is the list of models affected by the same:
-I-HIB2PI-UL 2MP IP 6.1.22.1216
-SMB NDAA MVO-3 WDR_2MP_32M_PTZ_v2.0
-PTZ WDR 2MP 32M WDR_2MP_32M_PTZ_v2.0
-25M IPC WDR_2MP_32M_PTZ_v2.0
For those who don’t know, Honeywell is a popular global supplier of security and video surveillance devices, including CCTV cameras. The firm has multiple NDAA-compliant cameras that are suitable for deployment in the United States government agencies and federal contractors.
7000 Robot Vacuum Cleaners Compromised By A Single Sony PS5 Controller In Just Few Mins: Here’s What Happened
The specific model families named in the advisory by CISA are mid-level video surveillance products used in small to medium business environments, warehouses, and offices. CISA has asked to minimise the network exposure of the control system devices and keep them behind firewalls or use secure remote access methods like VPN.
Until now, Honeywell has not issued any official notice regarding the release of the patch notes for the vulnerability. However, the concerned users are advised to have a word with the company’s support to get the necessary solution.
