Honeywell CCTV cameras vulnerable to hijacking which allows hackers to crack passwords easily

• CISA tells Honeywell CCTV camera owners to patch their devices
• Critical security flaw affects a number of models
• Hackers could use the flaw to take over accounts and access camera feeds

Multiple models of Honeywell CCTV cameras are reprotedly vulnerable to a critical severity flaw which could allows threat actors to view the feeds without authorization and, in some instances, even take over vulnerable accounts, experts have warned.

In a new security advisory, the US Cybersecurity and Infrastructure Security Agency (CISA) said the affected cameras were plagued by a “missing authentication for critical function” flaw. It was given a severity score of 9.8/10 (critical) and is now tracked as CVE-2026-1670.

“Successful exploitation of this vulnerability could lead to account takeovers and unauthorized access to camera feeds,” CISA said, adding that an unauthenticated attacker could change the recovery email address and thus compromise the target network further.