Honeywell CCTV unauthenticated recovery-email takeover flaw (CVE-2026-1670)
Vulnerability
Summary
CVE-2026-1670 affects multiple Honeywell CCTV products, where an unauthenticated API exposure can let an attacker change the recovery email on a device account and take over access to camera feeds. CISA rates the flaw 9.8 critical and says it can enable account hijacking. The advisory names four impacted camera models and says there were no known public exploitation reports as of February 17th.
Related Happenings
CISA KEV directive for CVE-2026-20133
Public Sector Action
First: 21.04.2026 15:30
Last: 21.04.2026 15:30
Sources 1
About this happening:
On **Monday, April 21, 2026**, **CISA** added **CVE-2026-20133** to the **KEV Catalog** and ordered **FCEB agencies** to secure their networks by **Friday, April 24**. The directi...
CISA patch guidance for Zimbra and SharePoint flaws
Advisory/Mitigation
First: 19.03.2026 08:05
Last: 19.03.2026 08:05
Sources 1
About this happening:
**CISA** told **FCEB agencies** to patch **two actively exploited vulnerabilities** in **Synacor Zimbra Collaboration Suite (ZCS)** and **Microsoft Office SharePoint**, creating i...
CISA BOD 22-01 Zimbra patch order
Public Sector Action
First: 18.03.2026 21:57
Last: 18.03.2026 21:57
Sources 1
About this happening:
**CISA** ordered **Federal Civilian Executive Branch agencies** to secure **Zimbra Collaboration Suite (ZCS)** servers against **CVE-2025-66376**, an **actively exploited** flaw t...
US Cybersecurity and Infrastructure Security Agency (CISA) Emergency Directive 26-03 for Federal civilian executive branch systems remediation and reporting deadlines through
Public Sector Action
First: 12.03.2026 14:45
Last: 12.03.2026 14:45
Sources 1
About this happening:
CISA issued **Emergency Directive 26-03** after warning that attackers are actively exploiting **Cisco Catalyst SD-WAN** vulnerabilities across **US federal networks**. The direct...
CISA BOD 22-01 iOS KEV patch order
Public Sector Action
First: 06.03.2026 17:57
Last: 06.03.2026 17:57
Sources 1
About this happening:
**CISA** ordered **Federal Civilian Executive Branch** agencies to secure affected **iOS** devices by **March 26** after adding **three Coruna vulnerabilities** to its **Known Exp...
Timeline
18.02.2026 22:58 2 articles · 3mo ago
CISA warns on Honeywell CCTV account-takeover flaw
Initial Disclosure
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that CVE-2026-1670 affects multiple Honeywell CCTV products, including I-HIB2PI-UL 2MP IP 6.1.22.1216, SMB NDAA MVO-3 WDR_2MP_32M_PTZ_v2.0, PTZ WDR 2MP 32M WDR_2MP_32M_PTZ_v2.0, and 25M IPC WDR_2MP_32M_PTZ_v2.0. The flaw is a missing authentication for critical function issue and an unauthenticated API endpoint exposure that can let an attacker remotely change the "forgot password" recovery email address on a device account, enabling account takeover and unauthorized access to camera feeds. CISA rated the issue 9.8 critical, said there were no known reports of public exploitation as of February 17th, and recommended minimizing network exposure, isolating devices behind firewalls, and using secure remote access methods such as updated VPN solutions.
Sources
- Critical infra Honeywell CCTVs vulnerable to auth bypass flaw — www.bleepingcomputer.com — 18.02.2026 22:58