CVE-2019-18825
Severity Score
7.5
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
1
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Barco ClickShare Huddle CS-100 devices before 1.9.0 and CSE-200 devices before 1.9.0 have incorrect Credentials Management. The ClickShare Base Unit implements encryption at rest using encryption keys which are shared across all ClickShare Base Units of models CS-100 & CSE-200.
Los dispositivos Barco ClickShare Huddle CS-100 versiones anteriores a la versión 1.9.0 y CSE-200 versiones anteriores a la versión 1.9.0, tienen una Gestión de Credenciales incorrecta. La ClickShare Base Unit implementa el cifrado en reposo utilizando claves de cifrado que son compartidas por medio de todas las ClickShare Base Units de los modelos CS-100 y CSE-200.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2019-11-07 CVE Reserved
- 2019-12-17 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-05 CVE Updated
- 2024-08-05 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
CAPEC
References (2)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|---|---|
| https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare | 2024-08-05 |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.barco.com/en/clickshare/firmware-update | 2019-12-26 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Barco Search vendor "Barco" | Clickshare Cs-100 Huddle Firmware Search vendor "Barco" for product "Clickshare Cs-100 Huddle Firmware" | < 1.9.0 Search vendor "Barco" for product "Clickshare Cs-100 Huddle Firmware" and version " < 1.9.0" | - |
Affected
| in | Barco Search vendor "Barco" | Clickshare Cs-100 Huddle Search vendor "Barco" for product "Clickshare Cs-100 Huddle" | - | - |
Safe
|
| Barco Search vendor "Barco" | Clickshare Cse-200 Firmware Search vendor "Barco" for product "Clickshare Cse-200 Firmware" | < 1.9.0 Search vendor "Barco" for product "Clickshare Cse-200 Firmware" and version " < 1.9.0" | - |
Affected
| in | Barco Search vendor "Barco" | Clickshare Cse-200 Search vendor "Barco" for product "Clickshare Cse-200" | - | - |
Safe
|