Washington, D.C. – A significant security vulnerability has been identified in several Honeywell CCTV products, prompting urgent warnings from U.S. cybersecurity officials. The Cybersecurity and Infrastructure Security Agency (CISA) alerted users to the critical flaw that could allow unauthorized individuals to access video feeds or take control of user accounts.
Researched by cybersecurity expert Souvik Kanda, the vulnerability is designated as CVE-2026-1670 and is rated with a severity score of 9.8. This issue arises from a failure to authenticate crucial functions, enabling an unauthorized party to alter the recovery email linked to an account. This breach could lead to account hijacking and unauthorized access to surveillance footage.
CISA explained that the vulnerability stems from an exposed unauthenticated API endpoint, which permits attackers to remotely modify password recovery email addresses. The agency’s advisory underscores the urgency of addressing this security flaw, as it directly affects the integrity of video surveillance systems.
The affected camera models include the I-HIB2PI-UL 2MP and several versions of the SMB NDAA MVO-3, among others. These products are often used in small- to medium-sized business environments, as well as in offices and warehouses, some of which are classified as critical infrastructure.
Honeywell, a prominent global provider of security technology, has a wide range of CCTV cameras in operation across industries. Many of their models meet National Defense Authorization Act (NDAA) standards, making them suitable for use in U.S. government facilities and by federal contractors.
As of February 17, CISA has noted that there have been no public reports of this vulnerability being exploited. However, the agency maintains that organizations should minimize network exposure for control systems, suggesting measures such as implementing firewalls and secure remote access protocols, like updated VPN solutions.
While Honeywell has yet to release a formal notification regarding CVE-2026-1670, users concerned about this vulnerability are encouraged to reach out to the company’s support team for information on available patches and protective measures.
The compact nature of these widely used surveillance products means they could pose serious risks if left unaddressed. Stakeholders and end users alike are urged to act promptly to ensure their systems remain secure against unauthorized access.