How severe is CVE-2026-1670?

CVE-2026-1670 has a CVSS v3 score of 9.8 (CRITICAL).

CVE-2026-1670

9.8CRITICAL

Publicado: 2/17/2026Atualizado: 2/17/2026

Descrição

The affected products are vulnerable to an unauthenticated API endpoint exposure, which may allow an attacker to remotely change the "forgot password" recovery email address.

Análise IADesenvolvido por IA

Referências

https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-048-04.json
https://www.cisa.gov/news-events/ics-advisories/icsa-26-048-04
https://www.honeywell.com/us/en/contact/support