- CISA is asking Honeywell CCTV camera owners to patch their devices
- Critical security flaws affect a number of models
- Hackers could use the flaw to take over accounts and access camera feeds
Several models of Honeywell CCTV cameras are protected vulnerable to a critical severity flaw that could allow threat actors to view feeds without permission and in some cases even take over vulnerable accounts, experts have warned.
In a new security advisory, the US Cybersecurity and Infrastructure Security Agency (CISA) said the affected cameras were plagued by a “missing authentication for critical function” flaw. It was given a severity rating of 9.8/10 (Critical) and is now tracked as CVE-2026-1670.
“Successful exploitation of this vulnerability could lead to account takeover and unauthorized access to camera feeds,” CISA said, adding that an unauthorized attacker could change the recovery email address, further compromising the target network.
Patch now or risk attack
Here is the list of affected models:
I-HIB2PI-UL 2MP IP 6.1.22.1216
SMB NDAA MVO-3 WDR_2MP_32M_PTZ_v2.0
PTZ WDR 2MP 32M WDR_2MP_32M_PTZ_v2.0
25M IPC WDR_2MP_32M_PTZ_v2.0
At press time, the flaw had not yet been added to CISA’s catalog of known exploited vulnerabilities (KEV), meaning there are no records of the flaw being exploited in the wild. However, many cybercriminals only start hunting for faulty equipment after a bug is discovered, betting that victims won’t be diligent about patching.
Given who Honeywell’s customers are (mostly industrial operators and critical infrastructure providers), it’s entirely possible that more groups will now begin actively scanning for vulnerable systems.
The company offers many NDAA-compliant cameras, suitable for deployment in government agencies. The models listed as vulnerable appear to be mid-level solutions typically found in medium-sized business environments and warehouses.
In addition to patching, users are also advised to minimize network exposure for all control system devices, locate control system networks and remote devices behind firewalls and isolate them from business networks, and use secure networks (VPNs) when remote access is required. CISA also warns that not all VPNs are created equal and that businesses should be careful in choosing the right one.
Via Bleeping Computer
The best antivirus for all budgets
Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews and opinions in your feeds. Be sure to click the Follow button!
And of course you can too follow TechRadar on TikTok for news, reviews, video unboxings, and get regular updates from us on WhatsApp also.
