How severe is CVE-2026-1670?

CVE-2026-1670 has a CVSS v3 score of 9.8 (CRITICAL).

CVE-2026-1670

9.8CRITICAL

Veröffentlicht: 2/17/2026Aktualisiert: 2/17/2026

Beschreibung

The affected products are vulnerable to an unauthenticated API endpoint exposure, which may allow an attacker to remotely change the "forgot password" recovery email address.

KI-AnalyseKI-gestützt

Referenzen

https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-048-04.json
https://www.cisa.gov/news-events/ics-advisories/icsa-26-048-04
https://www.honeywell.com/us/en/contact/support