Missing Integrity Check in Barco ClickShare Button R9861500D01
CVE-2019-18824

6.6MEDIUM

Key Information:

Vendor

Barco

Status
Clickshare Button R9861500d01 Firmware
Vendor
CVE Published:
17 December 2019

What is CVE-2019-18824?

The Barco ClickShare Button R9861500D01, prior to version 1.10.0.13, is susceptible to a vulnerability that arises from insufficient integrity checks on the UBIFS partition. This allows for potentially malicious modifications to go undetected, risking the security of device operations and connected sessions. Users are advised to update to the latest firmware version to mitigate this risk.

References

https://www.barco.com/en/clickshare/firmware-update
x_refsource_MISC
https://labs.f-secure.com/advisories/multiple-vulnerabili...
x_refsource_MISC
https://www.barco.com/en/clickshare/support/software/R330...
x_refsource_CONFIRM

CVSS V3.1

Score:
6.6
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Physical
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2019-18824 : Missing Integrity Check in Barco ClickShare Button R9861500D01