Critical infra Honeywell CCTVs vulnerable to auth bypass flaw
February 18, 2026 03:58 PM

  • The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of a critical vulnerability in multiple Honeywell CCTV products that allows unauthorized access to feeds or account hijacking.
  • Discovered by researcher Souvik Kanda and tracked as CVE-2026-1670, the security issue is classified as “missing authentication for critical function,” and received a critical severity score of 9.8.
  • The flaw allows an unauthenticated attacker to change the recovery email address associated with a device account, enabling account takeover and unauthorized access to camera feeds.
  • “The affected product is vulnerable to an unauthenticated API endpoint exposure, which may allow an attacker to remotely change the ‘forgot password’ recovery email address,” CISA says.
  • According to the security advisory, CVE-2026-1670 impacts the following models: I-HIB2PI-UL 2MP IP 6.1.22.1216; SMB NDAA MVO-3 WDR_2MP_32M_PTZ_v2.0; PTZ WDR 2MP 32M WDR_2MP_32M_PTZ_v2.0; 25M IPC WDR_2MP_32M_PTZ_v2.0.
  • Honeywell is a major global supplier of security and video surveillance equipment with a broad range of CCTV camera models and related products deployed in commercial, industrial, and critical infrastructure settings worldwide.

Article Summaries:

  • The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of a critical vulnerability in multiple Honeywell CCTV products that allows unauthorized access to feeds or account hijacking. Discovered by researcher Souvik Kanda and tracked as CVE-2026-1670, the security issue is classified as “missing authentication for critical function,” and received a critical severity score of 9.8. The flaw allows an unauthenticated attacker to change the recovery email address associated with a device account, enabling account takeover and unauthorized access to camera feeds. “The affected pro
  • The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning about a critical vulnerability (CVE‑2026‑1670) in several Honeywell CCTV models. The flaw, rated 9.8 on the CVSS scale, allows an unauthenticated attacker to change the device’s recovery‑email address, enabling account takeover and unauthorized viewing of camera feeds. Affected units include the I‑HIB2PI‑UL 2MP IP, SMB NDAA MVO‑3, PTZ WDR 2MP, and 25M IPC series. No public exploitation has been reported as of February 17, but CISA advises isolating cameras behind firewalls, limiting network exposure, and using secure VPNs. Honeywell has not yet released a patch; users should contact support for guidance.

Sources: