Honeywell CCTV Products Missing Authentication for Critical Function_CVE-2026-1670

9.3 / 10

CRITICAL

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Description

The affected products are vulnerable to an unauthenticated API endpoint exposure, which may allow an attacker to remotely change the "forgot password" recovery email address.

AI Analysis

Unauthenticated API endpoint exposure allowing remote change of the forgot password recovery email address

Basic Information

ID CVE-2026-1670

Source icscert

Published Feb 17, 2026 at 22:56

Affected Product

Vendor Honeywell

Product I-HIB2PI-UL 2MP IP

Version 6.1.22.1216

Affected Versions Honeywell I-HIB2PI-UL 2MP IP 6.1.22.1216
Honeywell SMB NDAA MVO-3 WDR_2MP_32M_PTZ_v2.0
Honeywell PTZ WDR 2MP 32M WDR_2MP_32M_PTZ_v2.0
Honeywell 25M IPC WDR_2MP_32M_PTZ_v2.0

CWE Classification

CWE-306

AI Assessment

AI Score 9.3 / 10

AI Severity Critical

Vendor Honeywell

Product CCTV Products

Version 6.1.22.1216, WDR_2MP_32M_PTZ_v2.0

References

{
    "lastseen": "",
    "description": "The affected products are vulnerable to an unauthenticated API endpoint exposure, which may allow an attacker to remotely change the \"forgot password\" recovery email address.",
    "published": "2026-02-17T22:56:00.586Z",
    "modified": "2026-02-17T22:56:00.586Z",
    "type": "cve",
    "title": "Honeywell CCTV Products Missing Authentication for Critical Function",
    "source": "icscert",
    "references": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-048-04\nhttps://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-048-04.json\nhttps://www.honeywell.com/us/en/contact/support",
    "id": "CVE-2026-1670",
    "bulletinFamily": "",
    "cwe": [
        "CWE-306"
    ],
    "cvelist": null,
    "sourceData": "Honeywell I-HIB2PI-UL 2MP IP 6.1.22.1216\nHoneywell SMB NDAA MVO-3 WDR_2MP_32M_PTZ_v2.0\nHoneywell PTZ WDR 2MP 32M WDR_2MP_32M_PTZ_v2.0\nHoneywell 25M IPC WDR_2MP_32M_PTZ_v2.0",
    "sourceHref": "",
    "cvss": {
        "score": 9.3,
        "severity": "CRITICAL",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "I-HIB2PI-UL 2MP IP",
    "version": "6.1.22.1216",
    "vendor": "Honeywell",
    "ai_description": "Unauthenticated API endpoint exposure allowing remote change of the forgot password recovery email address",
    "ai_severity": "Critical",
    "ai_vendor": "Honeywell",
    "ai_product": "CCTV Products",
    "ai_version": "6.1.22.1216, WDR_2MP_32M_PTZ_v2.0",
    "ai_score": 9.3
}