Search criteria
12 vulnerabilities found for clickshare_button_r9861500d01_firmware by barco
FKIE_CVE-2019-18833
Vulnerability from fkie_nvd - Published: 2019-12-17 14:15 - Updated: 2024-11-21 04:33
Severity ?
Summary
Barco ClickShare Button R9861500D01 devices before 1.9.0 allow Information exposure (issue 2 of 2).. The encryption key of the media content which is shared between a ClickShare Button and a ClickShare Base Unit is randomly generated for each new session and communicated over a TLS connection. An attacker who is able to perform a Man-in-the-Middle attack between the TLS connection, is able to obtain the encryption key.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/ | Exploit, Third Party Advisory | |
| cve@mitre.org | https://www.barco.com/en/clickshare/firmware-update | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.barco.com/en/clickshare/firmware-update | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| barco | clickshare_button_r9861500d01_firmware | * | |
| barco | clickshare_button_r9861500d01 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:barco:clickshare_button_r9861500d01_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "99C3E881-7CCC-40BA-82EC-9D3B68C635C1",
"versionEndExcluding": "1.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:barco:clickshare_button_r9861500d01:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDEA8D4F-FA2D-4B2A-81D5-7843FE198B23",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Barco ClickShare Button R9861500D01 devices before 1.9.0 allow Information exposure (issue 2 of 2).. The encryption key of the media content which is shared between a ClickShare Button and a ClickShare Base Unit is randomly generated for each new session and communicated over a TLS connection. An attacker who is able to perform a Man-in-the-Middle attack between the TLS connection, is able to obtain the encryption key."
},
{
"lang": "es",
"value": "Los dispositivos Barco ClickShare Button R9861500D01 versiones anteriores a la versi\u00f3n 1.9.0, permiten una exposici\u00f3n de informaci\u00f3n (problema 2 de 2). La clave de cifrado del contenido multimedia que se comparti\u00f3 entre un ClickShare Button y un ClickShare Base Unit es generada aleatoriamente para cada nueva sesi\u00f3n y se comunic\u00f3 por medio de una conexi\u00f3n TLS. Un atacante que puede realizar un ataque de tipo Man-in-the-Middle entre la conexi\u00f3n TLS, puede obtener la clave de cifrado."
}
],
"id": "CVE-2019-18833",
"lastModified": "2024-11-21T04:33:40.377",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-12-17T14:15:18.030",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.barco.com/en/clickshare/firmware-update"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-311"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2019-18832
Vulnerability from fkie_nvd - Published: 2019-12-17 14:15 - Updated: 2024-11-21 04:33
Severity ?
Summary
Barco ClickShare Button R9861500D01 devices before 1.9.0 have incorrect Credentials Management. The ClickShare Button implements encryption at rest which uses a one-time programmable (OTP) AES encryption key. This key is shared across all ClickShare Buttons of model R9861500D01.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/ | Exploit, Third Party Advisory | |
| cve@mitre.org | https://www.barco.com/en/clickshare/firmware-update | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://www.barco.com/en/clickshare/firmware-update | Vendor Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| barco | clickshare_button_r9861500d01_firmware | * | |
| barco | clickshare_button_r9861500d01 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:barco:clickshare_button_r9861500d01_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "99C3E881-7CCC-40BA-82EC-9D3B68C635C1",
"versionEndExcluding": "1.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:barco:clickshare_button_r9861500d01:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDEA8D4F-FA2D-4B2A-81D5-7843FE198B23",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Barco ClickShare Button R9861500D01 devices before 1.9.0 have incorrect Credentials Management. The ClickShare Button implements encryption at rest which uses a one-time programmable (OTP) AES encryption key. This key is shared across all ClickShare Buttons of model R9861500D01."
},
{
"lang": "es",
"value": "Los dispositivos Barco ClickShare Button R9861500D01 versiones anteriores a la versi\u00f3n 1.9.0, tienen una Gesti\u00f3n de Credenciales incorrecta. Los ClickShare Button implementan el cifrado en reposo que utiliza una clave de cifrado AES (OTP) programable de una sola vez. Esta clave se comparte en todos los dispositivos ClickShare Buttons del modelo R9861500D01."
}
],
"id": "CVE-2019-18832",
"lastModified": "2024-11-21T04:33:40.220",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-12-17T14:15:17.967",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.barco.com/en/clickshare/firmware-update"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-327"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2019-18824
Vulnerability from fkie_nvd - Published: 2019-12-17 14:15 - Updated: 2024-11-21 04:33
Severity ?
Summary
Barco ClickShare Button R9861500D01 devices before 1.10.0.13 have Missing Support for Integrity Check. The ClickShare Button does not verify the integrity of the mutable content on the UBIFS partition before being used.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| barco | clickshare_button_r9861500d01_firmware | * | |
| barco | clickshare_button_r9861500d01 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:barco:clickshare_button_r9861500d01_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC7D094-0981-4E07-89A6-3825BF56E1DD",
"versionEndExcluding": "1.10.0.13",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:barco:clickshare_button_r9861500d01:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDEA8D4F-FA2D-4B2A-81D5-7843FE198B23",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Barco ClickShare Button R9861500D01 devices before 1.10.0.13 have Missing Support for Integrity Check. The ClickShare Button does not verify the integrity of the mutable content on the UBIFS partition before being used."
},
{
"lang": "es",
"value": "Los dispositivos Barco ClickShare Button R9861500D01 versiones anteriores a la versi\u00f3n 1.10.0.13, tienen una Falta de Soporte para la Comprobaci\u00f3n de Integridad. Los ClickShare Button no comprueban la integridad del contenido mutable en la partici\u00f3n UBIFS antes de ser utilizada"
}
],
"id": "CVE-2019-18824",
"lastModified": "2024-11-21T04:33:39.000",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 6.9,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:L/AC:M/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "PHYSICAL",
"availabilityImpact": "HIGH",
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 0.7,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-12-17T14:15:17.747",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.barco.com/en/clickshare/support/software/R33050069?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.barco.com/en/clickshare/support/software/R33050070?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.barco.com/en/clickshare/support/software/R33050069?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.barco.com/en/clickshare/support/software/R33050070?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-345"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2019-18829
Vulnerability from fkie_nvd - Published: 2019-12-17 14:15 - Updated: 2024-11-21 04:33
Severity ?
Summary
Barco ClickShare Button R9861500D01 devices before 1.10.0.13 have Missing Support for Integrity Check. The Barco signed 'Clickshare_For_Windows.exe' binary on the ClickShare Button (R9861500D01) loads a number of DLL files dynamically without verifying their integrity.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| barco | clickshare_button_r9861500d01_firmware | * | |
| barco | clickshare_button_r9861500d01 | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:barco:clickshare_button_r9861500d01_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BCC7D094-0981-4E07-89A6-3825BF56E1DD",
"versionEndExcluding": "1.10.0.13",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:barco:clickshare_button_r9861500d01:-:*:*:*:*:*:*:*",
"matchCriteriaId": "DDEA8D4F-FA2D-4B2A-81D5-7843FE198B23",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Barco ClickShare Button R9861500D01 devices before 1.10.0.13 have Missing Support for Integrity Check. The Barco signed \u0027Clickshare_For_Windows.exe\u0027 binary on the ClickShare Button (R9861500D01) loads a number of DLL files dynamically without verifying their integrity."
},
{
"lang": "es",
"value": "Los dispositivos Barco ClickShare Button R9861500D01 versiones anteriores a la versi\u00f3n 1.10.0.13, no poseen un soporte para la comprobaci\u00f3n de integridad. El binario firmado \"Clickshare_For_Windows.exe\" sobre el ClickShare Button (R9861500D01) carga una cantidad de archivos DLL din\u00e1micamente sin comprobar su integridad"
}
],
"id": "CVE-2019-18829",
"lastModified": "2024-11-21T04:33:39.760",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "LOCAL",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 4.4,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 3.4,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-12-17T14:15:17.903",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.barco.com/en/clickshare/support/software/R33050069?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "https://www.barco.com/en/clickshare/support/software/R33050070?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.barco.com/en/clickshare/support/software/R33050069?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "https://www.barco.com/en/clickshare/support/software/R33050070?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-345"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2019-18833 (GCVE-0-2019-18833)
Vulnerability from cvelistv5 – Published: 2019-12-17 13:53 – Updated: 2024-08-05 02:02
VLAI?
Summary
Barco ClickShare Button R9861500D01 devices before 1.9.0 allow Information exposure (issue 2 of 2).. The encryption key of the media content which is shared between a ClickShare Button and a ClickShare Base Unit is randomly generated for each new session and communicated over a TLS connection. An attacker who is able to perform a Man-in-the-Middle attack between the TLS connection, is able to obtain the encryption key.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:02:39.786Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Barco ClickShare Button R9861500D01 devices before 1.9.0 allow Information exposure (issue 2 of 2).. The encryption key of the media content which is shared between a ClickShare Button and a ClickShare Base Unit is randomly generated for each new session and communicated over a TLS connection. An attacker who is able to perform a Man-in-the-Middle attack between the TLS connection, is able to obtain the encryption key."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-17T13:53:06",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18833",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Barco ClickShare Button R9861500D01 devices before 1.9.0 allow Information exposure (issue 2 of 2).. The encryption key of the media content which is shared between a ClickShare Button and a ClickShare Base Unit is randomly generated for each new session and communicated over a TLS connection. An attacker who is able to perform a Man-in-the-Middle attack between the TLS connection, is able to obtain the encryption key."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.barco.com/en/clickshare/firmware-update",
"refsource": "MISC",
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"name": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/",
"refsource": "MISC",
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-18833",
"datePublished": "2019-12-17T13:53:06",
"dateReserved": "2019-11-07T00:00:00",
"dateUpdated": "2024-08-05T02:02:39.786Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-18832 (GCVE-0-2019-18832)
Vulnerability from cvelistv5 – Published: 2019-12-17 13:51 – Updated: 2024-08-05 02:02
VLAI?
Summary
Barco ClickShare Button R9861500D01 devices before 1.9.0 have incorrect Credentials Management. The ClickShare Button implements encryption at rest which uses a one-time programmable (OTP) AES encryption key. This key is shared across all ClickShare Buttons of model R9861500D01.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:02:39.781Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Barco ClickShare Button R9861500D01 devices before 1.9.0 have incorrect Credentials Management. The ClickShare Button implements encryption at rest which uses a one-time programmable (OTP) AES encryption key. This key is shared across all ClickShare Buttons of model R9861500D01."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-17T13:51:58",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18832",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Barco ClickShare Button R9861500D01 devices before 1.9.0 have incorrect Credentials Management. The ClickShare Button implements encryption at rest which uses a one-time programmable (OTP) AES encryption key. This key is shared across all ClickShare Buttons of model R9861500D01."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.barco.com/en/clickshare/firmware-update",
"refsource": "MISC",
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"name": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/",
"refsource": "MISC",
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-18832",
"datePublished": "2019-12-17T13:51:58",
"dateReserved": "2019-11-07T00:00:00",
"dateUpdated": "2024-08-05T02:02:39.781Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-18829 (GCVE-0-2019-18829)
Vulnerability from cvelistv5 – Published: 2019-12-17 13:50 – Updated: 2024-08-05 02:02
VLAI?
Summary
Barco ClickShare Button R9861500D01 devices before 1.10.0.13 have Missing Support for Integrity Check. The Barco signed 'Clickshare_For_Windows.exe' binary on the ClickShare Button (R9861500D01) loads a number of DLL files dynamically without verifying their integrity.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:02:39.555Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.barco.com/en/clickshare/support/software/R33050070?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.barco.com/en/clickshare/support/software/R33050069?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Barco ClickShare Button R9861500D01 devices before 1.10.0.13 have Missing Support for Integrity Check. The Barco signed \u0027Clickshare_For_Windows.exe\u0027 binary on the ClickShare Button (R9861500D01) loads a number of DLL files dynamically without verifying their integrity."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-13T16:46:44",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.barco.com/en/clickshare/support/software/R33050070?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.barco.com/en/clickshare/support/software/R33050069?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18829",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Barco ClickShare Button R9861500D01 devices before 1.10.0.13 have Missing Support for Integrity Check. The Barco signed \u0027Clickshare_For_Windows.exe\u0027 binary on the ClickShare Button (R9861500D01) loads a number of DLL files dynamically without verifying their integrity."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.barco.com/en/clickshare/firmware-update",
"refsource": "MISC",
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"name": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/",
"refsource": "MISC",
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
},
{
"name": "https://www.barco.com/en/clickshare/support/software/R33050070?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013",
"refsource": "CONFIRM",
"url": "https://www.barco.com/en/clickshare/support/software/R33050070?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
},
{
"name": "https://www.barco.com/en/clickshare/support/software/R33050069?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013",
"refsource": "CONFIRM",
"url": "https://www.barco.com/en/clickshare/support/software/R33050069?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-18829",
"datePublished": "2019-12-17T13:50:54",
"dateReserved": "2019-11-07T00:00:00",
"dateUpdated": "2024-08-05T02:02:39.555Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-18824 (GCVE-0-2019-18824)
Vulnerability from cvelistv5 – Published: 2019-12-17 13:47 – Updated: 2024-08-05 02:02
VLAI?
Summary
Barco ClickShare Button R9861500D01 devices before 1.10.0.13 have Missing Support for Integrity Check. The ClickShare Button does not verify the integrity of the mutable content on the UBIFS partition before being used.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:02:39.475Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.barco.com/en/clickshare/support/software/R33050070?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.barco.com/en/clickshare/support/software/R33050069?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Barco ClickShare Button R9861500D01 devices before 1.10.0.13 have Missing Support for Integrity Check. The ClickShare Button does not verify the integrity of the mutable content on the UBIFS partition before being used."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-13T16:37:24",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.barco.com/en/clickshare/support/software/R33050070?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.barco.com/en/clickshare/support/software/R33050069?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18824",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Barco ClickShare Button R9861500D01 devices before 1.10.0.13 have Missing Support for Integrity Check. The ClickShare Button does not verify the integrity of the mutable content on the UBIFS partition before being used."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.barco.com/en/clickshare/firmware-update",
"refsource": "MISC",
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"name": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/",
"refsource": "MISC",
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
},
{
"name": "https://www.barco.com/en/clickshare/support/software/R33050070?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013",
"refsource": "CONFIRM",
"url": "https://www.barco.com/en/clickshare/support/software/R33050070?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
},
{
"name": "https://www.barco.com/en/clickshare/support/software/R33050069?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013",
"refsource": "CONFIRM",
"url": "https://www.barco.com/en/clickshare/support/software/R33050069?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-18824",
"datePublished": "2019-12-17T13:47:47",
"dateReserved": "2019-11-07T00:00:00",
"dateUpdated": "2024-08-05T02:02:39.475Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-18833 (GCVE-0-2019-18833)
Vulnerability from nvd – Published: 2019-12-17 13:53 – Updated: 2024-08-05 02:02
VLAI?
Summary
Barco ClickShare Button R9861500D01 devices before 1.9.0 allow Information exposure (issue 2 of 2).. The encryption key of the media content which is shared between a ClickShare Button and a ClickShare Base Unit is randomly generated for each new session and communicated over a TLS connection. An attacker who is able to perform a Man-in-the-Middle attack between the TLS connection, is able to obtain the encryption key.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:02:39.786Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Barco ClickShare Button R9861500D01 devices before 1.9.0 allow Information exposure (issue 2 of 2).. The encryption key of the media content which is shared between a ClickShare Button and a ClickShare Base Unit is randomly generated for each new session and communicated over a TLS connection. An attacker who is able to perform a Man-in-the-Middle attack between the TLS connection, is able to obtain the encryption key."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-17T13:53:06",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18833",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Barco ClickShare Button R9861500D01 devices before 1.9.0 allow Information exposure (issue 2 of 2).. The encryption key of the media content which is shared between a ClickShare Button and a ClickShare Base Unit is randomly generated for each new session and communicated over a TLS connection. An attacker who is able to perform a Man-in-the-Middle attack between the TLS connection, is able to obtain the encryption key."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.barco.com/en/clickshare/firmware-update",
"refsource": "MISC",
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"name": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/",
"refsource": "MISC",
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-18833",
"datePublished": "2019-12-17T13:53:06",
"dateReserved": "2019-11-07T00:00:00",
"dateUpdated": "2024-08-05T02:02:39.786Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-18832 (GCVE-0-2019-18832)
Vulnerability from nvd – Published: 2019-12-17 13:51 – Updated: 2024-08-05 02:02
VLAI?
Summary
Barco ClickShare Button R9861500D01 devices before 1.9.0 have incorrect Credentials Management. The ClickShare Button implements encryption at rest which uses a one-time programmable (OTP) AES encryption key. This key is shared across all ClickShare Buttons of model R9861500D01.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:02:39.781Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Barco ClickShare Button R9861500D01 devices before 1.9.0 have incorrect Credentials Management. The ClickShare Button implements encryption at rest which uses a one-time programmable (OTP) AES encryption key. This key is shared across all ClickShare Buttons of model R9861500D01."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-17T13:51:58",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18832",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Barco ClickShare Button R9861500D01 devices before 1.9.0 have incorrect Credentials Management. The ClickShare Button implements encryption at rest which uses a one-time programmable (OTP) AES encryption key. This key is shared across all ClickShare Buttons of model R9861500D01."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.barco.com/en/clickshare/firmware-update",
"refsource": "MISC",
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"name": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/",
"refsource": "MISC",
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-18832",
"datePublished": "2019-12-17T13:51:58",
"dateReserved": "2019-11-07T00:00:00",
"dateUpdated": "2024-08-05T02:02:39.781Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-18829 (GCVE-0-2019-18829)
Vulnerability from nvd – Published: 2019-12-17 13:50 – Updated: 2024-08-05 02:02
VLAI?
Summary
Barco ClickShare Button R9861500D01 devices before 1.10.0.13 have Missing Support for Integrity Check. The Barco signed 'Clickshare_For_Windows.exe' binary on the ClickShare Button (R9861500D01) loads a number of DLL files dynamically without verifying their integrity.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:02:39.555Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.barco.com/en/clickshare/support/software/R33050070?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.barco.com/en/clickshare/support/software/R33050069?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Barco ClickShare Button R9861500D01 devices before 1.10.0.13 have Missing Support for Integrity Check. The Barco signed \u0027Clickshare_For_Windows.exe\u0027 binary on the ClickShare Button (R9861500D01) loads a number of DLL files dynamically without verifying their integrity."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-13T16:46:44",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.barco.com/en/clickshare/support/software/R33050070?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.barco.com/en/clickshare/support/software/R33050069?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18829",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Barco ClickShare Button R9861500D01 devices before 1.10.0.13 have Missing Support for Integrity Check. The Barco signed \u0027Clickshare_For_Windows.exe\u0027 binary on the ClickShare Button (R9861500D01) loads a number of DLL files dynamically without verifying their integrity."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.barco.com/en/clickshare/firmware-update",
"refsource": "MISC",
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"name": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/",
"refsource": "MISC",
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
},
{
"name": "https://www.barco.com/en/clickshare/support/software/R33050070?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013",
"refsource": "CONFIRM",
"url": "https://www.barco.com/en/clickshare/support/software/R33050070?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
},
{
"name": "https://www.barco.com/en/clickshare/support/software/R33050069?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013",
"refsource": "CONFIRM",
"url": "https://www.barco.com/en/clickshare/support/software/R33050069?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-18829",
"datePublished": "2019-12-17T13:50:54",
"dateReserved": "2019-11-07T00:00:00",
"dateUpdated": "2024-08-05T02:02:39.555Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-18824 (GCVE-0-2019-18824)
Vulnerability from nvd – Published: 2019-12-17 13:47 – Updated: 2024-08-05 02:02
VLAI?
Summary
Barco ClickShare Button R9861500D01 devices before 1.10.0.13 have Missing Support for Integrity Check. The ClickShare Button does not verify the integrity of the mutable content on the UBIFS partition before being used.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:02:39.475Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.barco.com/en/clickshare/support/software/R33050070?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.barco.com/en/clickshare/support/software/R33050069?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Barco ClickShare Button R9861500D01 devices before 1.10.0.13 have Missing Support for Integrity Check. The ClickShare Button does not verify the integrity of the mutable content on the UBIFS partition before being used."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-13T16:37:24",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.barco.com/en/clickshare/support/software/R33050070?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.barco.com/en/clickshare/support/software/R33050069?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18824",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Barco ClickShare Button R9861500D01 devices before 1.10.0.13 have Missing Support for Integrity Check. The ClickShare Button does not verify the integrity of the mutable content on the UBIFS partition before being used."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.barco.com/en/clickshare/firmware-update",
"refsource": "MISC",
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"name": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/",
"refsource": "MISC",
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
},
{
"name": "https://www.barco.com/en/clickshare/support/software/R33050070?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013",
"refsource": "CONFIRM",
"url": "https://www.barco.com/en/clickshare/support/software/R33050070?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
},
{
"name": "https://www.barco.com/en/clickshare/support/software/R33050069?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013",
"refsource": "CONFIRM",
"url": "https://www.barco.com/en/clickshare/support/software/R33050069?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-18824",
"datePublished": "2019-12-17T13:47:47",
"dateReserved": "2019-11-07T00:00:00",
"dateUpdated": "2024-08-05T02:02:39.475Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}