Cybersecurity and Infrastructure Security Agency Warns of Critical Vulnerability in Honeywell CCTV Cameras Allowing Account Takeover and Live Feed Access

103/69 Friday, February 20, 2026

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent advisory regarding a critical vulnerability affecting multiple Honeywell CCTV camera models. The flaw, tracked as CVE-2026-1670, carries a severity score of 9.8/10 and allows attackers to bypass authentication remotely. Successful exploitation could directly impact business environments and even critical national infrastructure by granting unauthorized access to surveillance systems.

Technically, the vulnerability stems from missing authentication for a critical API function, enabling attackers to change the password recovery email address of a device account without requiring the original password. This could lead to full account takeover and immediate access to live camera feeds. Affected models include certain IP cameras and PTZ cameras in the I-HIB2PI-UL and SMB NDAA series, which are commonly deployed in offices, warehouses, and high-security facilities.
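The flaw class described above (a recovery-email change that runs without authentication), modeled as an added example that is not Honeywell's code or API; the device state, function names and status codes are hypothetical. It sets the unauthenticated handler beside one that requires a session bound to the account and re-verifies the current password.

```python
import hashlib
import hmac
import secrets

def _hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

def make_device():
    # Constructed in-memory device state (hypothetical account layout).
    salt = secrets.token_bytes(16)
    return {
        "accounts": {"admin": {"salt": salt,
                               "pw_hash": _hash("S3cure-pass", salt),
                               "recovery_email": "owner@example.com"}},
        "sessions": {},  # session token -> username
    }

def login(device, user, password):
    acct = device["accounts"].get(user)
    if acct and hmac.compare_digest(acct["pw_hash"], _hash(password, acct["salt"])):
        token = secrets.token_urlsafe(32)
        device["sessions"][token] = user
        return token
    return None

def set_recovery_email_vulnerable(device, user, new_email):
    # Missing authentication: the critical function runs for any caller.
    device["accounts"][user]["recovery_email"] = new_email
    return 200

def set_recovery_email_hardened(device, token, user, current_password, new_email):
    # 1. Caller must hold a valid session bound to the account being changed.
    if device["sessions"].get(token) != user:
        return 401
    # 2. Re-verify the current password before touching a recovery channel.
    acct = device["accounts"][user]
    if not hmac.compare_digest(acct["pw_hash"], _hash(current_password, acct["salt"])):
        return 403
    acct["recovery_email"] = new_email
    # 3. Drop every other session so only the verified caller stays logged in.
    device["sessions"] = {token: user}
    return 200
```
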

Although no widespread exploitation has been reported so far, security experts strongly recommend proactive mitigation measures. Organizations should restrict direct internet exposure of affected cameras, place devices behind firewalls, and access them only through secure VPN connections. As Honeywell has not yet publicly released an official patch on its website, users operating impacted models are advised to contact Honeywell support directly for guidance on security updates and mitigation steps.

Source: https://www.bleepingcomputer.com/news/security/critical-infra-honeywell-cctvs-vulnerable-to-auth-bypass-flaw/