Vulnerability Description
Barco ClickShare Button R9861500D01 devices before 1.9.0 have incorrect Credentials Management. The ClickShare Button implements encryption at rest which uses a one-time programmable (OTP) AES encryption key. This key is shared across all ClickShare Buttons of model R9861500D01.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Barco | Clickshare Button R9861500D01 Firmware | < 1.9.0 |
| Barco | Clickshare Button R9861500D01 | - |
Related Weaknesses (CWE)
References
- https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clicksharExploitThird Party Advisory
- https://www.barco.com/en/clickshare/firmware-updateVendor Advisory
- https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clicksharExploitThird Party Advisory
- https://www.barco.com/en/clickshare/firmware-updateVendor Advisory
FAQ
What is CVE-2019-18832?
CVE-2019-18832 is a vulnerability with a CVSS score of 8.1 (HIGH). Barco ClickShare Button R9861500D01 devices before 1.9.0 have incorrect Credentials Management. The ClickShare Button implements encryption at rest which uses a one-time programmable (OTP) AES encrypt...
How severe is CVE-2019-18832?
CVE-2019-18832 has been rated HIGH with a CVSS base score of 8.1/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-18832?
Check the references section above for vendor advisories and patch information. Affected products include: Barco Clickshare Button R9861500D01 Firmware, Barco Clickshare Button R9861500D01.