Critical Infrastructure Honeywell CCTVs Exposed to Authentication Bypass Vulnerability
Critical Vulnerability Identified in Honeywell CCTV Products
A critical vulnerability in multiple Honeywell CCTV products has been identified, allowing unauthorized access to camera feeds and account hijacking. The flaw, tracked as CVE-2026-1670, was discovered by researcher Souvik Kanda and has received a critical severity score of 9.8.
Vulnerability Details
The vulnerability is classified as missing authentication for a critical function, enabling an unauthenticated attacker to change the recovery address associated with a device account. This, in turn, allows the attacker to gain unauthorized access to camera feeds and take control of the account.
Affected Products
The vulnerability affects several Honeywell CCTV models, including the I-HIB2PI-UL 2MP IP, MVO-3 WDR_2MP_32M_PTZ_v2.0, and WDR_2MP_32M_PTZ_v2.0. These models are widely used in commercial, industrial, and critical infrastructure settings worldwide.
Recommendations
CISA has not received any reports of public exploitation targeting this vulnerability as of February 17th. However, the agency recommends taking measures to minimize network exposure of control system devices, isolating them behind firewalls, and using secure remote access methods such as updated VPN solutions.
Honeywell has not published an advisory on CVE-2026-1670, but users are advised to contact the company’s support team for guidance on patching the vulnerability. In the meantime, organizations using the affected models should take immediate action to protect their systems and prevent potential exploitation.
Conclusion
The vulnerability highlights the importance of prioritizing cybersecurity in critical infrastructure settings. As the threat landscape continues to evolve, it is essential for organizations to stay vigilant and take proactive measures to protect their systems and data.
About Author
English