CVE-2019-18824

Current Description

Barco ClickShare Button R9861500D01 devices before 1.9.0 have Missing Support for Integrity Check. The ClickShare Button does not verify the integrity of the mutable content on the UBIFS partition before being used.

Basic Data

PublishedDecember 17, 2019
Last ModifiedDecember 26, 2019
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeCWE-20
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:L/AC:M/Au:N/C:C/I:C/A:C
CVSS 2 - Access VectorLOCAL
CVSS 2 - Access ComplexityMEDIUM
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactCOMPLETE
CVSS 2 - Availability ImpactCOMPLETE
CVSS 2 - Base Score6.9
SeverityMEDIUM
Exploitability Score3.4
Impact Score10.0
Obtain All Privilegefalse
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • AND
    • OR - Configuration 1
      Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
      2.3OSBarcoClickshare Button R9861500d01 Firmware********1.9.0
    • OR Running on/with:
      Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
      2.3HardwareBarcoClickshare Button R9861500d01-*******

Vulnerable Software List

VendorProductVersions
Barco Clickshare Button R9861500d01 Firmware *

References

NameSourceURLTags
https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/MISCExploit Third Party Advisory
https://www.barco.com/en/clickshare/firmware-updatehttps://www.barco.com/en/clickshare/firmware-updateMISCVendor Advisory