This is a summary of the AI-generated 10-question deep analysis. The full version (longer answers, follow-up Q&A, related CVEs) requires login. Read the full analysis β
Q1What is this vulnerability? (Essence + Consequences)
π¨ **Essence**: Critical Access Control Error (CWE-306) in Honeywell products. <br>π₯ **Consequences**: Attackers can remotely change password reset email addresses via unverified API endpoints.β¦
π‘οΈ **Root Cause**: **CWE-306** (Missing Authentication for Critical Function). <br>β **Flaw**: API endpoints lack proper validation. The system trusts requests without verifying the user's identity or permissions.
Q3Who is affected? (Versions/Components)
π’ **Affected Vendor**: **Honeywell**. <br>π¦ **Products**: <br>- I-HIB2PI-UL 2MP IP (Infrared Bullet Camera) <br>- SMB NDAA MVO-3 (Infrared PTZ Camera) <br>- PTZ WDR 2MP 32M (Night Vision Series) <br>*(Note: List may be pβ¦
π **Public Exploit**: **No**. <br>π **Status**: `pocs` array is empty. No public PoC or wild exploitation code found yet. However, the low barrier makes it highly likely to be weaponized soon.
Q7How to self-check? (Features/Scanning)
π **Self-Check**: <br>1. Scan for Honeywell I-HIB2PI-UL, SMB NDAA MVO-3, and PTZ WDR models. <br>2. Check for exposed API endpoints related to password reset. <br>3.β¦
π₯ **Urgency**: **CRITICAL**. <br>β οΈ **Priority**: **P1**. <br>With a CVSS of 9.1 and no auth required, this is an immediate threat. Patch immediately or isolate from the network to prevent account takeover.