[Control systems] Honeywell security advisory

Number: AV19-204
Date : 13 September 2019

On 13 September 2019 Honeywell released security updates to address vulnerabilities affecting their equIP® Series and Performance Series IP Cameras and NVRs. Successful exploitation of these vulnerabilities may allow an actor to access confidential information or cause a denial of service condition.

The Cyber Centre encourages users and administrators to review the following Honeywell Security Bulletins and apply the necessary manufacturer updates:

https://www.security.honeywell.com/-/media/Security/Resources/PDF/Product-Warranty/Security_Notification_SN_2019-09-04-01_V4-pdf.pdf?la=en-US&hash=929A620154F2390954FB4C2A28AC8C1E3B37D008

https://www.security.honeywell.com/-/media/Security/Resources/PDF/Product-Warranty/Security_Notification_SN_2019-09-13-02_V4-pdf.pdf?la=en-US&hash=7FDD915D188FB3257E0E712FC6A3E520B45560AB

https://www.security.honeywell.com/-/media/Security/Resources/PDF/Product-Warranty/Security_Notification_SN_2019-09-13-01_V4-pdf.pdf?la=en-US&hash=163378B6E8A4681AF8D753B8CB35F03F2DD147C6

Note to Readers

The Canadian Centre for Cyber Security (Cyber Centre) operates as part of the Communications Security Establishment. We are Canada’s national authority on cyber security and we lead the government’s response to cyber security events. As Canada's national computer security incident response team, the Cyber Centre works in close collaboration with government departments, critical infrastructure, Canadian businesses and international partners to prepare for, respond to, mitigate, and recover from cyber events. We do this by providing authoritative advice and support, and coordinating information sharing and incident response. The Cyber Centre is outward-facing, welcoming partnerships that help build a stronger, more resilient cyber space in Canada.