CVE-2019-18230
high-risk
Published 2019-10-31
Honeywell equIP and Performance series IP cameras, multiple versions, A vulnerability exists where the affected product allows unauthenticated access to audio streaming over HTTP.
Do I need to act?
-
0.26% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
7
CVSS 7.5/10
High
NETWORK
/ LOW complexity
Affected Products (20)
H4D8Pr1 Firmware
Hfd5Pr1 Firmware
Hpw2P1 Firmware
Hdzp304Di Firmware
Hdzp252Di Firmware
Hdz302Din-S1 Firmware
Hdz302Lik Firmware
Hdz302Liw Firmware
Hfd6Gr1 Firmware
Hfd8Gr1 Firmware
Hm4L8Gr1 Firmware
Hmbl8Gr1 Firmware
H2W2Gr1 Firmware
H3W2Gr1 Firmware
H3W2Gr1V Firmware
H3W2Gr2 Firmware
H3W4Gr1 Firmware
H3W4Gr1V Firmware
H4D8Gr1 Firmware
H4L2Gr1 Firmware
Affected Vendors
References (2)
Third Party Advisory
https://www.us-cert.gov/ics/advisories/icsa-19-304-03
Third Party Advisory
https://www.us-cert.gov/ics/advisories/icsa-19-304-03
52
/ 100
high-risk
Severity
26/34 · High
Exploitability
1/34 · Minimal
Exposure
25/34 · High