Search criteria
8 vulnerabilities found for clickshare_button_r9861500d01_firmware by barco
CVE-2019-18833 (GCVE-0-2019-18833)
Vulnerability from nvd – Published: 2019-12-17 13:53 – Updated: 2024-08-05 02:02
VLAI?
Summary
Barco ClickShare Button R9861500D01 devices before 1.9.0 allow Information exposure (issue 2 of 2).. The encryption key of the media content which is shared between a ClickShare Button and a ClickShare Base Unit is randomly generated for each new session and communicated over a TLS connection. An attacker who is able to perform a Man-in-the-Middle attack between the TLS connection, is able to obtain the encryption key.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.barco.com/en/clickshare/firmware-update | x_refsource_MISC |
| https://labs.f-secure.com/advisories/multiple-vul… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:02:39.786Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Barco ClickShare Button R9861500D01 devices before 1.9.0 allow Information exposure (issue 2 of 2).. The encryption key of the media content which is shared between a ClickShare Button and a ClickShare Base Unit is randomly generated for each new session and communicated over a TLS connection. An attacker who is able to perform a Man-in-the-Middle attack between the TLS connection, is able to obtain the encryption key."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-17T13:53:06.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18833",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Barco ClickShare Button R9861500D01 devices before 1.9.0 allow Information exposure (issue 2 of 2).. The encryption key of the media content which is shared between a ClickShare Button and a ClickShare Base Unit is randomly generated for each new session and communicated over a TLS connection. An attacker who is able to perform a Man-in-the-Middle attack between the TLS connection, is able to obtain the encryption key."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.barco.com/en/clickshare/firmware-update",
"refsource": "MISC",
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"name": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/",
"refsource": "MISC",
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-18833",
"datePublished": "2019-12-17T13:53:06.000Z",
"dateReserved": "2019-11-07T00:00:00.000Z",
"dateUpdated": "2024-08-05T02:02:39.786Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-18832 (GCVE-0-2019-18832)
Vulnerability from nvd – Published: 2019-12-17 13:51 – Updated: 2024-08-05 02:02
VLAI?
Summary
Barco ClickShare Button R9861500D01 devices before 1.9.0 have incorrect Credentials Management. The ClickShare Button implements encryption at rest which uses a one-time programmable (OTP) AES encryption key. This key is shared across all ClickShare Buttons of model R9861500D01.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.barco.com/en/clickshare/firmware-update | x_refsource_MISC |
| https://labs.f-secure.com/advisories/multiple-vul… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:02:39.781Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Barco ClickShare Button R9861500D01 devices before 1.9.0 have incorrect Credentials Management. The ClickShare Button implements encryption at rest which uses a one-time programmable (OTP) AES encryption key. This key is shared across all ClickShare Buttons of model R9861500D01."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-17T13:51:58.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18832",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Barco ClickShare Button R9861500D01 devices before 1.9.0 have incorrect Credentials Management. The ClickShare Button implements encryption at rest which uses a one-time programmable (OTP) AES encryption key. This key is shared across all ClickShare Buttons of model R9861500D01."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.barco.com/en/clickshare/firmware-update",
"refsource": "MISC",
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"name": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/",
"refsource": "MISC",
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-18832",
"datePublished": "2019-12-17T13:51:58.000Z",
"dateReserved": "2019-11-07T00:00:00.000Z",
"dateUpdated": "2024-08-05T02:02:39.781Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-18829 (GCVE-0-2019-18829)
Vulnerability from nvd – Published: 2019-12-17 13:50 – Updated: 2024-08-05 02:02
VLAI?
Summary
Barco ClickShare Button R9861500D01 devices before 1.10.0.13 have Missing Support for Integrity Check. The Barco signed 'Clickshare_For_Windows.exe' binary on the ClickShare Button (R9861500D01) loads a number of DLL files dynamically without verifying their integrity.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://www.barco.com/en/clickshare/firmware-update | x_refsource_MISC |
| https://labs.f-secure.com/advisories/multiple-vul… | x_refsource_MISC |
| https://www.barco.com/en/clickshare/support/softw… | x_refsource_CONFIRM |
| https://www.barco.com/en/clickshare/support/softw… | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:02:39.555Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.barco.com/en/clickshare/support/software/R33050070?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.barco.com/en/clickshare/support/software/R33050069?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Barco ClickShare Button R9861500D01 devices before 1.10.0.13 have Missing Support for Integrity Check. The Barco signed \u0027Clickshare_For_Windows.exe\u0027 binary on the ClickShare Button (R9861500D01) loads a number of DLL files dynamically without verifying their integrity."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-13T16:46:44.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.barco.com/en/clickshare/support/software/R33050070?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.barco.com/en/clickshare/support/software/R33050069?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18829",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Barco ClickShare Button R9861500D01 devices before 1.10.0.13 have Missing Support for Integrity Check. The Barco signed \u0027Clickshare_For_Windows.exe\u0027 binary on the ClickShare Button (R9861500D01) loads a number of DLL files dynamically without verifying their integrity."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.barco.com/en/clickshare/firmware-update",
"refsource": "MISC",
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"name": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/",
"refsource": "MISC",
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
},
{
"name": "https://www.barco.com/en/clickshare/support/software/R33050070?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013",
"refsource": "CONFIRM",
"url": "https://www.barco.com/en/clickshare/support/software/R33050070?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
},
{
"name": "https://www.barco.com/en/clickshare/support/software/R33050069?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013",
"refsource": "CONFIRM",
"url": "https://www.barco.com/en/clickshare/support/software/R33050069?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-18829",
"datePublished": "2019-12-17T13:50:54.000Z",
"dateReserved": "2019-11-07T00:00:00.000Z",
"dateUpdated": "2024-08-05T02:02:39.555Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-18824 (GCVE-0-2019-18824)
Vulnerability from nvd – Published: 2019-12-17 13:47 – Updated: 2024-08-05 02:02
VLAI?
Summary
Barco ClickShare Button R9861500D01 devices before 1.10.0.13 have Missing Support for Integrity Check. The ClickShare Button does not verify the integrity of the mutable content on the UBIFS partition before being used.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://www.barco.com/en/clickshare/firmware-update | x_refsource_MISC |
| https://labs.f-secure.com/advisories/multiple-vul… | x_refsource_MISC |
| https://www.barco.com/en/clickshare/support/softw… | x_refsource_CONFIRM |
| https://www.barco.com/en/clickshare/support/softw… | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:02:39.475Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.barco.com/en/clickshare/support/software/R33050070?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.barco.com/en/clickshare/support/software/R33050069?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Barco ClickShare Button R9861500D01 devices before 1.10.0.13 have Missing Support for Integrity Check. The ClickShare Button does not verify the integrity of the mutable content on the UBIFS partition before being used."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-13T16:37:24.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.barco.com/en/clickshare/support/software/R33050070?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.barco.com/en/clickshare/support/software/R33050069?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18824",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Barco ClickShare Button R9861500D01 devices before 1.10.0.13 have Missing Support for Integrity Check. The ClickShare Button does not verify the integrity of the mutable content on the UBIFS partition before being used."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.barco.com/en/clickshare/firmware-update",
"refsource": "MISC",
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"name": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/",
"refsource": "MISC",
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
},
{
"name": "https://www.barco.com/en/clickshare/support/software/R33050070?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013",
"refsource": "CONFIRM",
"url": "https://www.barco.com/en/clickshare/support/software/R33050070?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
},
{
"name": "https://www.barco.com/en/clickshare/support/software/R33050069?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013",
"refsource": "CONFIRM",
"url": "https://www.barco.com/en/clickshare/support/software/R33050069?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-18824",
"datePublished": "2019-12-17T13:47:47.000Z",
"dateReserved": "2019-11-07T00:00:00.000Z",
"dateUpdated": "2024-08-05T02:02:39.475Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-18833 (GCVE-0-2019-18833)
Vulnerability from cvelistv5 – Published: 2019-12-17 13:53 – Updated: 2024-08-05 02:02
VLAI?
Summary
Barco ClickShare Button R9861500D01 devices before 1.9.0 allow Information exposure (issue 2 of 2).. The encryption key of the media content which is shared between a ClickShare Button and a ClickShare Base Unit is randomly generated for each new session and communicated over a TLS connection. An attacker who is able to perform a Man-in-the-Middle attack between the TLS connection, is able to obtain the encryption key.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.barco.com/en/clickshare/firmware-update | x_refsource_MISC |
| https://labs.f-secure.com/advisories/multiple-vul… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:02:39.786Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Barco ClickShare Button R9861500D01 devices before 1.9.0 allow Information exposure (issue 2 of 2).. The encryption key of the media content which is shared between a ClickShare Button and a ClickShare Base Unit is randomly generated for each new session and communicated over a TLS connection. An attacker who is able to perform a Man-in-the-Middle attack between the TLS connection, is able to obtain the encryption key."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-17T13:53:06.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18833",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Barco ClickShare Button R9861500D01 devices before 1.9.0 allow Information exposure (issue 2 of 2).. The encryption key of the media content which is shared between a ClickShare Button and a ClickShare Base Unit is randomly generated for each new session and communicated over a TLS connection. An attacker who is able to perform a Man-in-the-Middle attack between the TLS connection, is able to obtain the encryption key."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.barco.com/en/clickshare/firmware-update",
"refsource": "MISC",
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"name": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/",
"refsource": "MISC",
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-18833",
"datePublished": "2019-12-17T13:53:06.000Z",
"dateReserved": "2019-11-07T00:00:00.000Z",
"dateUpdated": "2024-08-05T02:02:39.786Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-18832 (GCVE-0-2019-18832)
Vulnerability from cvelistv5 – Published: 2019-12-17 13:51 – Updated: 2024-08-05 02:02
VLAI?
Summary
Barco ClickShare Button R9861500D01 devices before 1.9.0 have incorrect Credentials Management. The ClickShare Button implements encryption at rest which uses a one-time programmable (OTP) AES encryption key. This key is shared across all ClickShare Buttons of model R9861500D01.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://www.barco.com/en/clickshare/firmware-update | x_refsource_MISC |
| https://labs.f-secure.com/advisories/multiple-vul… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:02:39.781Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Barco ClickShare Button R9861500D01 devices before 1.9.0 have incorrect Credentials Management. The ClickShare Button implements encryption at rest which uses a one-time programmable (OTP) AES encryption key. This key is shared across all ClickShare Buttons of model R9861500D01."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-12-17T13:51:58.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18832",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Barco ClickShare Button R9861500D01 devices before 1.9.0 have incorrect Credentials Management. The ClickShare Button implements encryption at rest which uses a one-time programmable (OTP) AES encryption key. This key is shared across all ClickShare Buttons of model R9861500D01."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.barco.com/en/clickshare/firmware-update",
"refsource": "MISC",
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"name": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/",
"refsource": "MISC",
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-18832",
"datePublished": "2019-12-17T13:51:58.000Z",
"dateReserved": "2019-11-07T00:00:00.000Z",
"dateUpdated": "2024-08-05T02:02:39.781Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-18829 (GCVE-0-2019-18829)
Vulnerability from cvelistv5 – Published: 2019-12-17 13:50 – Updated: 2024-08-05 02:02
VLAI?
Summary
Barco ClickShare Button R9861500D01 devices before 1.10.0.13 have Missing Support for Integrity Check. The Barco signed 'Clickshare_For_Windows.exe' binary on the ClickShare Button (R9861500D01) loads a number of DLL files dynamically without verifying their integrity.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://www.barco.com/en/clickshare/firmware-update | x_refsource_MISC |
| https://labs.f-secure.com/advisories/multiple-vul… | x_refsource_MISC |
| https://www.barco.com/en/clickshare/support/softw… | x_refsource_CONFIRM |
| https://www.barco.com/en/clickshare/support/softw… | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:02:39.555Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.barco.com/en/clickshare/support/software/R33050070?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.barco.com/en/clickshare/support/software/R33050069?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Barco ClickShare Button R9861500D01 devices before 1.10.0.13 have Missing Support for Integrity Check. The Barco signed \u0027Clickshare_For_Windows.exe\u0027 binary on the ClickShare Button (R9861500D01) loads a number of DLL files dynamically without verifying their integrity."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-13T16:46:44.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.barco.com/en/clickshare/support/software/R33050070?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.barco.com/en/clickshare/support/software/R33050069?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18829",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Barco ClickShare Button R9861500D01 devices before 1.10.0.13 have Missing Support for Integrity Check. The Barco signed \u0027Clickshare_For_Windows.exe\u0027 binary on the ClickShare Button (R9861500D01) loads a number of DLL files dynamically without verifying their integrity."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.barco.com/en/clickshare/firmware-update",
"refsource": "MISC",
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"name": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/",
"refsource": "MISC",
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
},
{
"name": "https://www.barco.com/en/clickshare/support/software/R33050070?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013",
"refsource": "CONFIRM",
"url": "https://www.barco.com/en/clickshare/support/software/R33050070?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
},
{
"name": "https://www.barco.com/en/clickshare/support/software/R33050069?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013",
"refsource": "CONFIRM",
"url": "https://www.barco.com/en/clickshare/support/software/R33050069?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-18829",
"datePublished": "2019-12-17T13:50:54.000Z",
"dateReserved": "2019-11-07T00:00:00.000Z",
"dateUpdated": "2024-08-05T02:02:39.555Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-18824 (GCVE-0-2019-18824)
Vulnerability from cvelistv5 – Published: 2019-12-17 13:47 – Updated: 2024-08-05 02:02
VLAI?
Summary
Barco ClickShare Button R9861500D01 devices before 1.10.0.13 have Missing Support for Integrity Check. The ClickShare Button does not verify the integrity of the mutable content on the UBIFS partition before being used.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
4 references
| URL | Tags |
|---|---|
| https://www.barco.com/en/clickshare/firmware-update | x_refsource_MISC |
| https://labs.f-secure.com/advisories/multiple-vul… | x_refsource_MISC |
| https://www.barco.com/en/clickshare/support/softw… | x_refsource_CONFIRM |
| https://www.barco.com/en/clickshare/support/softw… | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:02:39.475Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.barco.com/en/clickshare/support/software/R33050070?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.barco.com/en/clickshare/support/software/R33050069?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Barco ClickShare Button R9861500D01 devices before 1.10.0.13 have Missing Support for Integrity Check. The ClickShare Button does not verify the integrity of the mutable content on the UBIFS partition before being used."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-08-13T16:37:24.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.barco.com/en/clickshare/support/software/R33050070?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.barco.com/en/clickshare/support/software/R33050069?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-18824",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Barco ClickShare Button R9861500D01 devices before 1.10.0.13 have Missing Support for Integrity Check. The ClickShare Button does not verify the integrity of the mutable content on the UBIFS partition before being used."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.barco.com/en/clickshare/firmware-update",
"refsource": "MISC",
"url": "https://www.barco.com/en/clickshare/firmware-update"
},
{
"name": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/",
"refsource": "MISC",
"url": "https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/"
},
{
"name": "https://www.barco.com/en/clickshare/support/software/R33050070?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013",
"refsource": "CONFIRM",
"url": "https://www.barco.com/en/clickshare/support/software/R33050070?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
},
{
"name": "https://www.barco.com/en/clickshare/support/software/R33050069?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013",
"refsource": "CONFIRM",
"url": "https://www.barco.com/en/clickshare/support/software/R33050069?majorVersion=01\u0026minorVersion=10\u0026patchVersion=00\u0026buildVersion=013"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-18824",
"datePublished": "2019-12-17T13:47:47.000Z",
"dateReserved": "2019-11-07T00:00:00.000Z",
"dateUpdated": "2024-08-05T02:02:39.475Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}