Honeywell CCTV cameras vulnerable to hijacking which allows hackers to crack passwords easily

News
By published

CISA tells Honeywell CCTV users to patch now

cctv
Image credit: Pixabay (Image credit: Pixabay)
  • CISA tells Honeywell CCTV camera owners to patch their devices
  • Critical security flaw affects a number of models
  • Hackers could use the flaw to take over accounts and access camera feeds

Multiple models of Honeywell CCTV cameras are reprotedly vulnerable to a critical severity flaw which could allows threat actors to view the feeds without authorization and, in some instances, even take over vulnerable accounts, experts have warned.

In a new security advisory, the US Cybersecurity and Infrastructure Security Agency (CISA) said the affected cameras were plagued by a “missing authentication for critical function” flaw. It was given a severity score of 9.8/10 (critical) and is now tracked as CVE-2026-1670.

“Successful exploitation of this vulnerability could lead to account takeovers and unauthorized access to camera feeds,” CISA said, adding that an unauthenticated attacker could change the recovery email address and thus compromise the target network further.

Patch now or risk attack

Here is the list of the affected models:

I-HIB2PI-UL 2MP IP 6.1.22.1216

SMB NDAA MVO-3 WDR_2MP_32M_PTZ_v2.0

PTZ WDR 2MP 32M WDR_2MP_32M_PTZ_v2.0

25M IPC WDR_2MP_32M_PTZ_v2.0

At press time, the flaw was not yet added to CISA’s catalog of known exploited vulnerabilities (KEV), meaning there are no records of the bug being exploited in the wild. However, many cybercriminals only start hunting for bugged equipment after a flaw is unveiled, betting on victims not being diligent with patching.

Given who Honeywell’s customers are (mostly industrial operators and critical infrastructure providers), it is entirely possible that multiple groups will now start actively scanning for vulnerable systems.

The company offers many NDAA-compliant cameras, suitable for deployment in government agencies. The models listed as vulnerable are apparently mid-level solutions, usually found in medium business environments, and warehouses.

Besides patching, users are also advised to minimize network exposure for all control system devices, locate control system networks and remote devices behind firewalls and isolate them from business networks, and use secure networks (VPNs) when remote access is required. CISA also warns that not all VPNs are equal and that businesses should be careful choosing the right one.

Via BleepingComputer

Best antivirus software header
The best antivirus for all budgets

➡️ Read our full guide to the best antivirus
1. Best overall:
Bitdefender Total Security
2. Best for families:
Norton 360 with LifeLock
3. Best for mobile:
McAfee Mobile Security

Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!

And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.