Vulnerability Description
Barco ClickShare Huddle CS-100 devices before 1.9.0 and CSE-200 devices before 1.9.0 have incorrect Credentials Management. The ClickShare Base Unit implements encryption at rest using encryption keys which are shared across all ClickShare Base Units of models CS-100 & CSE-200.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Barco | Clickshare Cs-100 Huddle Firmware | < 1.9.0 |
| Barco | Clickshare Cs-100 Huddle | - |
| Barco | Clickshare Cse-200 Firmware | < 1.9.0 |
| Barco | Clickshare Cse-200 | - |
References
- https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clicksharExploitThird Party Advisory
- https://www.barco.com/en/clickshare/firmware-updateVendor Advisory
- https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clicksharExploitThird Party Advisory
- https://www.barco.com/en/clickshare/firmware-updateVendor Advisory
FAQ
What is CVE-2019-18825?
CVE-2019-18825 is a vulnerability with a CVSS score of 7.5 (HIGH). Barco ClickShare Huddle CS-100 devices before 1.9.0 and CSE-200 devices before 1.9.0 have incorrect Credentials Management. The ClickShare Base Unit implements encryption at rest using encryption keys...
How severe is CVE-2019-18825?
CVE-2019-18825 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-18825?
Check the references section above for vendor advisories and patch information. Affected products include: Barco Clickshare Cs-100 Huddle Firmware, Barco Clickshare Cs-100 Huddle, Barco Clickshare Cse-200 Firmware, Barco Clickshare Cse-200.