Information Exposure in Barco ClickShare Button Devices
CVE-2019-18831

5.3MEDIUM

Key Information:

Vendor

Barco

Status
Clickshare Cs-100 Firmware
Vendor
CVE Published:
16 December 2019

What is CVE-2019-18831?

Barco ClickShare Button R9861500D01 devices running versions prior to 1.9.0 are susceptible to an information exposure vulnerability. The button's encrypted firmware includes the private key of a test device-certificate, creating potential risks for unauthorized access and compromise of secure communications. It is imperative for users to update their devices to the latest firmware version to mitigate these security issues. For more information, please visit the Barco support page.

References

https://www.barco.com/en/clickshare/firmware-update
x_refsource_MISC
https://labs.f-secure.com/advisories/multiple-vulnerabili...
x_refsource_MISC
https://www.barco.com/en/support/software/R33050069?major...
x_refsource_MISC

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.