← Back to home

ICSA-19-304-03 · Published 2019-10-31 · View on CISA ICS-CERT ↗

Honeywell equIP and Performance Series IP Cameras

CVSS 7.5 HIGH

Risk Summary

Successful exploitation of this vulnerability could result in unauthenticated access.

CVEs (1)

CVE-2019-18230

Remediations

Honeywell has released firmware update packages for all affected products.
Update firmware of vulnerable devices per this security notification
Isolate their system from the Internet or create additional layers of defense to their system from the Internet by placing the affected hardware behind a firewall or into a DMZ
If remote connections to the network are required, consider using a VPN or other means to ensure secure remote connections into the network where the device is located.
More information on this issue can be found in Honeywell Security Notification SN 2019-09-04 01

Affected Vendors

Honeywell

Affected Products (49)

Honeywell · H2W2GR1 <1.000.0000.18.20190409

Honeywell · H3W2GR1 <1.000.HW00.21.20190812

Honeywell · H3W2GR1V <1.000.0000.18.20190409

Honeywell · H3W2GR2 <1.000.HW00.21.20190812

Honeywell · H3W4GR1 <1.000.HW00.21.20190812

Honeywell · H3W4GR1V <1.000.0000.18.20190409

Honeywell · H4D8GR1 <2.420.HW00.9.20180510

Honeywell · H4L2GR1 <1.000.0000.18.20190423

Honeywell · H4L2GR1V <1.000.0000.18.20190423

Honeywell · H4L6GR2 <1.000.HW02.8.20190813

Honeywell · H4LGGR2 <1.000.HW04.3.20190813

Honeywell · H4W2GR1 <1.000.HW00.21.20190812

Honeywell · H4W2GR1V <1.000.0000.18.20190409

Honeywell · H4W2GR2 <1.000.HW00.21.20190812

Honeywell · H4W4GR1 <1.000.HW00.21.20190812

Honeywell · H4W4GR1V <1.000.0000.18.20190409

Honeywell · HBD8GR1 <2.420.HW00.9.20180510

Honeywell · HBL2GR1 <2.420.HW01.33.20190812

Honeywell · HBL2GR1V <1.000.0000.18.20190423

Honeywell · HBL6GR2 <1.000.HW04.3.20190813

Honeywell · HBL6GR2 <1.000.HW02.8.20190813

Honeywell · HBW2GR1 <1.000.HW00.21.20190812

Honeywell · HBW2GR1V <1.000.0000.18.20190409

Honeywell · HBW2GR3 <1.000.HW00.21.20190812

Honeywell · HBW2GR3V <1.000.0000.18.20190409

Honeywell · HBW4GR1 <1.000.HW00.21.20190812

Honeywell · HBW4GR1V <1.000.0000.18.20190409

Honeywell · HCD8G <2.420.HW00.9.20180510

Honeywell · HCL2G <1.000.0000.18.20190423

Honeywell · HCL2GV <1.000.0000.18.20190423

Honeywell · HCW2G <1.000.HW00.21.20190812

Honeywell · HCW2GV <1.000.0000.18.20190409

Honeywell · HCW4G <1.000.HW00.21.20190812

Honeywell · HDZ302D <1.000.0041.20180530

Honeywell · HDZ302DE <1.000.0041.20180530

Honeywell · HDZ302DIN <1.000.0041.20180530

Honeywell · HDZ302DIN-C1 <1.000.0041.20180530

Honeywell · HDZ302DIN-S1 <1.000.0041.20180530

Honeywell · HDZ302LIK <1.000.61.1.20180607

Honeywell · HDZ302LIW <1.000.61.1.20180607

Honeywell · HFD6GR1 <1.000.HW00.9.20180510

Honeywell · HFD8GR1 <1.000.HW00.9.20180510

Honeywell · HM4L8GR1 <1.000.HW02.8.20190813

Honeywell · HMBL8GR1 <1.000.HW02.8.20190813

Honeywell · H4D8PR1 <1.000.HW01.3.20190820

Honeywell · HFD5PR1 <1.000.HW01.1.20190822

Honeywell · HPW2P1 <1.000.HW01.3.20190820

Honeywell · HDZP304DI <1.000.HW10.5.20190812

Honeywell · HDZP252DI <1.000.HW02.3.20181109

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more