CVE-2019-18826
Severity Score
9.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Barco ClickShare Button R9861500D01 devices before 1.9.0 have Improper Following of a Certificate's Chain of Trust. The embedded 'dongle_bridge' program used to expose the functionalities of the ClickShare Button to a USB host, does not properly validate the whole certificate chain.
Los dispositivos Barco ClickShare Button R9861500D01 versiones anteriores a 1.9.0, presentan Seguimiento Inapropiado de una Cadena de Confianza del Certificado. El programa integrado "dongle_bridge" utilizado para exponer las funcionalidades del ClickShare Button en un host USB, no comprueba apropiadamente la cadena de certificados completa.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2019-11-07 CVE Reserved
- 2019-12-16 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-295: Improper Certificate Validation
CAPEC
References (1)
| URL | Tag | Source |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| https://www.barco.com/en/clickshare/firmware-update | 2019-12-27 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Barco Search vendor "Barco" | Clickshare Cs-100 Firmware Search vendor "Barco" for product "Clickshare Cs-100 Firmware" | < 1.9.0 Search vendor "Barco" for product "Clickshare Cs-100 Firmware" and version " < 1.9.0" | - |
Affected
| in | Barco Search vendor "Barco" | Clickshare Cs-100 Search vendor "Barco" for product "Clickshare Cs-100" | - | - |
Safe
|
| Barco Search vendor "Barco" | Clickshare Cse-200 Firmware Search vendor "Barco" for product "Clickshare Cse-200 Firmware" | < 1.9.0 Search vendor "Barco" for product "Clickshare Cse-200 Firmware" and version " < 1.9.0" | - |
Affected
| in | Barco Search vendor "Barco" | Clickshare Cse-200 Search vendor "Barco" for product "Clickshare Cse-200" | - | - |
Safe
|
| Barco Search vendor "Barco" | Clickshare Cse-200\+ Firmware Search vendor "Barco" for product "Clickshare Cse-200\+ Firmware" | < 1.9.0 Search vendor "Barco" for product "Clickshare Cse-200\+ Firmware" and version " < 1.9.0" | - |
Affected
| in | Barco Search vendor "Barco" | Clickshare Cse-200\+ Search vendor "Barco" for product "Clickshare Cse-200\+" | - | - |
Safe
|
| Barco Search vendor "Barco" | Clickshare Cse-800 Firmware Search vendor "Barco" for product "Clickshare Cse-800 Firmware" | < 1.9.0 Search vendor "Barco" for product "Clickshare Cse-800 Firmware" and version " < 1.9.0" | - |
Affected
| in | Barco Search vendor "Barco" | Clickshare Cse-800 Search vendor "Barco" for product "Clickshare Cse-800" | - | - |
Safe
|