How severe is CVE-2026-1670?

CVE-2026-1670 has a CVSS v3 score of 9.8 (CRITICAL).

CVE-2026-1670

9.8CRITICAL

Published: 2/17/2026Updated: 2/17/2026

Description

The affected products are vulnerable to an unauthenticated API endpoint exposure, which may allow an attacker to remotely change the "forgot password" recovery email address.

AI AnalysisPowered by AI

References

https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-048-04.json
https://www.cisa.gov/news-events/ics-advisories/icsa-26-048-04
https://www.honeywell.com/us/en/contact/support