Headline
CVE-2021-39364: Services
Honeywell HDZP252DI 1.00.HW02.4 and HBW2PER1 1.000.HW01.3 devices allow command spoofing (for camera control) after ARP cache poisoning has been achieved.
At Honeywell, we take cybersecurity seriously. We continually investigate any reported vulnerability on Honeywell video products. We always keep our customers and partners informed at the earliest possible time.
We highly recommend our customers to regularly check this Security Notices page. If you have already purchased and installed the product(s) in the list on the Security Notifications below, please follow the instructions and upgrade to the latest firmware version.
The latest firmware and security keys can be downloaded from the following link:
mywebtech.honeywell.com/Home