Vulnerability Description
Honeywell equIP series and Performance series IP cameras and recorders, A vulnerability exists in the affected products where IP cameras and recorders have a potential replay attack vulnerability as a weak authentication method is retained for compatibility with legacy products.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Honeywell | H2W2Pc1M Firmware | - |
| Honeywell | H2W2Pc1M | - |
| Honeywell | H2W2Per3 Firmware | - |
| Honeywell | H2W2Per3 | - |
| Honeywell | H2W4Per3 Firmware | - |
| Honeywell | H2W4Per3 | - |
| Honeywell | H4W2Per2 Firmware | - |
| Honeywell | H4W2Per2 | - |
| Honeywell | H4W2Per3 Firmware | - |
| Honeywell | H4W2Per3 | - |
| Honeywell | H4W4Per2 Firmware | - |
| Honeywell | H4W4Per2 | - |
| Honeywell | H4W4Per3 Firmware | - |
| Honeywell | H4W4Per3 | - |
| Honeywell | H4W8Pr2 Firmware | - |
| Honeywell | H4W8Pr2 | - |
| Honeywell | Hbd2Per1 Firmware | - |
| Honeywell | Hbd2Per1 | - |
| Honeywell | Hbw2Per1 Firmware | - |
| Honeywell | Hbw2Per1 | - |
Related Weaknesses (CWE)
References
- https://www.us-cert.gov/ics/advisories/icsa-19-304-04Third Party AdvisoryUS Government Resource
- https://www.us-cert.gov/ics/advisories/icsa-19-304-04Third Party AdvisoryUS Government Resource
FAQ
What is CVE-2019-18226?
CVE-2019-18226 is a vulnerability with a CVSS score of 9.8 (CRITICAL). Honeywell equIP series and Performance series IP cameras and recorders, A vulnerability exists in the affected products where IP cameras and recorders have a potential replay attack vulnerability as a...
How severe is CVE-2019-18226?
CVE-2019-18226 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2019-18226?
Check the references section above for vendor advisories and patch information. Affected products include: Honeywell H2W2Pc1M Firmware, Honeywell H2W2Pc1M, Honeywell H2W2Per3 Firmware, Honeywell H2W2Per3, Honeywell H2W4Per3 Firmware.