Honeywell CCTV Camera Owners Warned of Critical Vulnerability: Patch Now to Avoid Hacking Risks

Vaibhav February 21, 2026
Honeywell-CCTV-Camera-Owners-Warned-of-Critical-Vulnerability-Patch-Now-to-Avoid-Hacking-Risksdata
Post Views: 112

Critical Vulnerability in Honeywell CCTV Cameras Exposes Feeds and Accounts to Unauthorized Access

A critical security flaw has been discovered in multiple models of Honeywell closed-circuit television (CCTV) cameras, allowing unauthenticated attackers to access camera feeds and take control of accounts. The vulnerability, tracked as CVE-2026-1670, has been assigned a CVSS score of 9.8 out of 10, indicating a high level of severity.

U.S. Cybersecurity and Infrastructure Security Agency (CISA) Advisory

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an advisory detailing the vulnerability, which affects specific versions of I-HIB2PI-UL, SMB NDAA MVO-3, PTZ WDR, and 25M IPC cameras. The flaw, described as a “missing authentication for critical function,” enables attackers to view camera feeds and modify account recovery addresses without proper authorization.

Although the vulnerability is not currently listed on CISA’s Known Exploited Vulnerabilities (KEV) list, the potential for exploitation is considered high, particularly given Honeywell’s customer base, which includes critical infrastructure providers and government agencies. This vulnerability highlights the ongoing risks associated with Internet of Things (IoT) devices, particularly in industrial and critical infrastructure sectors.

CISA Recommendations

CISA’s advisory emphasizes the importance of prompt patching and recommends additional security measures to mitigate the vulnerability. These measures include network segmentation, firewall implementation, and secure virtual private network (VPN) usage for remote access.

Affected Honeywell CCTV Camera Models

  • I-HIB2PI-UL
  • SMB NDAA MVO-3
  • PTZ WDR
  • 25M IPC

Honeywell customers are advised to apply the necessary patches and implement additional security measures to prevent unauthorized access to their camera feeds and accounts.

According to the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the vulnerability is considered high-risk and requires prompt attention.



About Author

Vaibhav

See author's posts

More Stories

Janela-RAT-Malware-Steals-Financial-Data-via-Browser-Extensions

Janela RAT Malware Steals Financial Data via Browser Extensions

Vaibhav April 15, 2026
India-Sees-Rise-in-Unwanted-Calls-Despite-Strengthened-Telecom-Regulations

India Sees Rise in Unwanted Calls Despite Strengthened Telecom Regulations

Vaibhav April 15, 2026
Bombay-High-Court-Declares-Unauthorized-Conversation-Recording-a-Cybercrime

Bombay High Court Declares Unauthorized Conversation Recording a Cybercrime

Vaibhav April 15, 2026

Latest Cyber Security News

Not-All-CISO-Roles-Are-Equally-Demanding-and-Challenging-Insights-from-ESET-Mimecast-at-RSAC

Not All CISO Roles Are Equally Demanding and Challenging: Insights from ESET, Mimecast at RSAC

Vaibhav April 15, 2026
Sitehops-SAFEcore-Edge-Offers-Ultra-Low-Latency-Post-Quantum-Encryption-Solutions

Sitehops SAFEcore Edge Offers Ultra-Low Latency Post Quantum Encryption Solutions

Vaibhav April 15, 2026
IPL-Ticket-Scam-Woman-Loses-52-500-Using-Fake-QR-Codes-in-Bengaluru

IPL Ticket Scam: Woman Loses ₹52,500 Using Fake QR Codes in Bengaluru

Vaibhav April 15, 2026
India-s-Largest-Cryptocurrency-Scandal-Worth-17-000-Crore

India’s Largest Cryptocurrency Scandal Worth ₹17,000 Crore

Vaibhav April 15, 2026
Microsoft-Resolves-Critical-Bug-Affecting-Automatic-Windows-Server-2025-Updates

Microsoft Resolves Critical Bug Affecting Automatic Windows Server 2025 Updates

Vaibhav April 15, 2026
en_USEnglish
en_USEnglish