CVE-2019-18831 — MEDIUM (5.3)

Q: What is CVE-2019-18831?

CVE-2019-18831 is a vulnerability with a CVSS score of 5.3 (MEDIUM). Barco ClickShare Button R9861500D01 devices before 1.9.0 allow Information Exposure. The encrypted ClickShare Button firmware contains the private key of a test device-certificate.

Q: How severe is CVE-2019-18831?

CVE-2019-18831 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2019-18831?

Check the references section above for vendor advisories and patch information. Affected products include: Barco Clickshare Cs-100 Firmware, Barco Clickshare Cs-100, Barco Clickshare Cse-200 Firmware, Barco Clickshare Cse-200, Barco Clickshare Cse-200\+ Firmware.

Vulnerability Description

Barco ClickShare Button R9861500D01 devices before 1.9.0 allow Information Exposure. The encrypted ClickShare Button firmware contains the private key of a test device-certificate.

CVSS Score

5.3

MEDIUM

CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Barco	Clickshare Cs-100 Firmware	< 1.9.0
Barco	Clickshare Cs-100	-
Barco	Clickshare Cse-200 Firmware	< 1.9.0
Barco	Clickshare Cse-200	-
Barco	Clickshare Cse-200\+ Firmware	< 1.9.0
Barco	Clickshare Cse-200\+	-
Barco	Clickshare Cse-800 Firmware	< 1.9.0
Barco	Clickshare Cse-800	-

Related Weaknesses (CWE)

CWE-798

References

https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clicksharThird Party Advisory
https://www.barco.com/en/clickshare/firmware-updateVendor Advisory
https://www.barco.com/en/support/software/R33050069?majorVersion=01&minorVersionProduct
https://www.barco.com/en/support/software/R33050070?majorVersion=01&minorVersionProductVendor Advisory
https://www.barco.com/en/support/software/R33050095?majorVersion=01&minorVersionProductVendor Advisory
https://www.barco.com/en/support/software/R33050125?majorVersion=01&minorVersionProductVendor Advisory
https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clicksharThird Party Advisory
https://www.barco.com/en/clickshare/firmware-updateVendor Advisory
https://www.barco.com/en/support/software/R33050069?majorVersion=01&minorVersionProduct
https://www.barco.com/en/support/software/R33050070?majorVersion=01&minorVersionProductVendor Advisory
https://www.barco.com/en/support/software/R33050095?majorVersion=01&minorVersionProductVendor Advisory
https://www.barco.com/en/support/software/R33050125?majorVersion=01&minorVersionProductVendor Advisory

FAQ

What is CVE-2019-18831?

CVE-2019-18831 is a vulnerability with a CVSS score of 5.3 (MEDIUM). Barco ClickShare Button R9861500D01 devices before 1.9.0 allow Information Exposure. The encrypted ClickShare Button firmware contains the private key of a test device-certificate.

How severe is CVE-2019-18831?

CVE-2019-18831 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-18831?

Check the references section above for vendor advisories and patch information. Affected products include: Barco Clickshare Cs-100 Firmware, Barco Clickshare Cs-100, Barco Clickshare Cse-200 Firmware, Barco Clickshare Cse-200, Barco Clickshare Cse-200\+ Firmware.