Summary
Honeywell reports a critical vulnerability (CVE-2026-1670) in several CCTV models that allows unauthenticated attackers to take over accounts by changing the password recovery email via an exposed API.
Take Action:
Make sure your CCTV cameras are isolated from the internet and accessible from trusted networks only. Then check your Honeywell CCTV firmware versions and contact their support for patches.
Read the full article on BeyondMachines
This article was originally published on BeyondMachines
Top comments (0)