high
7.5
CWE
306
Advisory Published
Updated

CVE-2019-18230

First published: Thu Oct 31 2019(Updated: )

Honeywell equIP and Performance series IP cameras, multiple versions, A vulnerability exists where the affected product allows unauthenticated access to audio streaming over HTTP.

Credit: ics-cert@hq.dhs.gov

Affected SoftwareAffected VersionHow to fix
Honeywell H4d8pr1<1.000.hw01.3.20190820
Honeywell H4d8pr1 Firmware
Honeywell HFD5PR1<1.000.hw01.1.20190822
Honeywell HFD5PR1 Firmware
Honeywell HPW2P1<1.000.hw01.3.20190820
Honeywell HPW2P1 Firmware
Honeywell HDZP304DI<1.000.hw10.5.20190812
Honeywell Hdzp304di Firmware
Honeywell HDZP252DI Firmware<1.000.hw02.3.20181109
Honeywell HDZP252DI Firmware
Honeywell HDZ302DIN-S1 Firmware<1.000.0041.20180530
Honeywell HDZ302DIN
Honeywell HDZ302LIK<1.000.61.1.20180607
Honeywell HDZ302LIK
Honeywell HDZ302LIW Firmware<1.000.61.1.20180607
Honeywell HDZ302LIW Firmware
Honeywell HFD6GR1<1.000.hw00.9.20180510
Honeywell HFD6GR1
Honeywell HFD8GR1<1.000.hw00.9.20180510
Honeywell Hbd8gr1
Honeywell Hm4l8gr1<1.000.hw02.8.20190813
Honeywell Hm4l8gr1 Firmware
Honeywell Hmbl8gr1<1.000.hw02.8.20190813
Honeywell Hmbl8gr1
Honeywell H2w2gr1<1.000.0000.18.20190409
Honeywell H2w2gr1 Firmware
Honeywell H3w2gr1v<1.000.hw00.21.20190812
Honeywell H3w2gr1v
Honeywell H3w2gr1v<1.000.0000.18.20190409
Honeywell H3w2gr1v Firmware
Honeywell H3w2gr2<1.000.hw00.21.20190812
Honeywell H3w2gr2 Firmware
Honeywell H3w4gr1v Firmware<1.000.hw00.21.20190812
Honeywell H3w4gr1v Firmware
Honeywell H3w4gr1 Firmware<1.000.0000.18.20190409
Honeywell H3w4gr1v Firmware
Honeywell H4d8gr1<2.420.hw00.9.20180510
Honeywell H4d8gr1 Firmware
Honeywell H4l2gr1 Firmware<1.000.0000.18.20190423
Honeywell H4l2gr1 Firmware
Honeywell H4l2gr1v<1.000.0000.18.20190423
Honeywell H4l2gr1 Firmware
Honeywell H4l6gr2<1.000.hw02.8.20190813
Honeywell H4l6gr2 Firmware
Honeywell H4lggr2<1.000.hw04.3.20190813
Honeywell H4lggr2 Firmware
Honeywell H4w2gr1 Firmware<1.000.hw00.21.20190812
Honeywell H4w2gr1 Firmware
Honeywell H4w2gr1 Firmware<1.000.0000.18.20190409
Honeywell H4w2gr1 Firmware
Honeywell H4w2gr2<1.000.hw00.21.20190812
Honeywell H4w2gr2 Firmware
Honeywell H4w4gr1v Firmware<1.000.hw00.21.20190812
Honeywell H4w4gr1v Firmware
Honeywell H4w4gr1 Firmware<1.000.0000.18.20190409
Honeywell H4w4gr1v Firmware
Honeywell Hbd8gr1<2.420.hw00.9.20180510
Honeywell Hbd8gr1 Firmware
Honeywell Hbl2gr1v Firmware<2.420.hw01.33.20190812
Honeywell Hbl2gr1 Firmware
Honeywell Hbl2gr1v Firmware<1.000.0000.18.20190423
Honeywell Hbl2gr1v Firmware
Honeywell HBL6GR2 Firmware<1.000.hw04.3.20190813
Honeywell HBL6GR2 Firmware
Honeywell HBL6GR2 Firmware<1.000.hw02.8.20190813
Honeywell HBW2GR1 Firmware<1.000.hw00.21.20190812
Honeywell Hbw2gr1 Firmware
Honeywell Hbw2gr1 Firmware<1.000.0000.18.20190409
Honeywell Hbw2gr1v Firmware
Honeywell Hbw2gr3v Firmware<1.000.hw00.21.20190812
Honeywell HBW2GR3
Honeywell Hbw2gr3<1.000.0000.18.20190409
Honeywell Hbw2gr3v Firmware
Honeywell HBW4GR1 Firmware<1.000.hw00.21.20190812
Honeywell Hbw4gr1 Firmware
Honeywell Hbw4gr1 Firmware<1.000.0000.18.20190409
Honeywell Hbw4gr1 Firmware
Honeywell HCD8G<2.420.hw00.9.20180510
Honeywell HCD8G Firmware
Honeywell HCL2GV<1.000.0000.18.20190423
Honeywell Hcl2g Firmware
Honeywell HCL2G Firmware<1.000.0000.18.20190423
Honeywell HCL2G Firmware
Honeywell HCW2G Firmware<1.000.hw00.21.20190812
Honeywell HCW2G Firmware
Honeywell Hcw2gv<1.000.0000.18.20190409
Honeywell HCW2G Firmware
Honeywell Hcw4g Firmware<1.000.hw00.21.20190812
Honeywell Hcw4g Firmware
Honeywell HDZ302D<1.000.0041.20180530
Honeywell HDZ302D Firmware
Honeywell HDZ302DE Firmware<1.000.0041.20180530
Honeywell HDZ302DE Firmware
Honeywell HDZ302DIN<1.000.0041.20180530
Honeywell HDZ302DIN-C1
Honeywell HDZ302DIN-C1<1.000.0041.20180530
Honeywell HDZ302DIN

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Read MoreStart Free Trial

Reference Links

Frequently Asked Questions

  • What is the severity of CVE-2019-18230?

    The severity of CVE-2019-18230 is rated as high due to unauthenticated access to sensitive audio streaming.

  • How do I fix CVE-2019-18230?

    To fix CVE-2019-18230, upgrade the affected Honeywell equIP or Performance series IP camera firmware to the latest version provided by Honeywell.

  • Which Honeywell camera models are affected by CVE-2019-18230?

    CVE-2019-18230 affects multiple models of Honeywell equIP and Performance series IP cameras using specific firmware versions.

  • What type of vulnerability is CVE-2019-18230?

    CVE-2019-18230 is an unauthenticated access vulnerability that allows attackers to stream audio over HTTP.

  • What are the potential risks of CVE-2019-18230?

    The potential risks of CVE-2019-18230 include unauthorized access to sensitive audio data, privacy breaches, and exposure to further attacks.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2025 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203