CVE-2019-18828
 
Severity Score
6.8
*CVSS v3.1
Exploit Likelihood
*EPSS
Affected Versions
*CPE
Public Exploits
0
*Multiple Sources
Exploited in Wild
-
*KEV
Decision
-
*SSVC
Descriptions
Barco ClickShare Button R9861500D01 devices before 1.9.0 have Insufficiently Protected Credentials. The root account (present for access via debug interfaces, which are by default not enabled on production devices) of the embedded Linux on the ClickShare Button is using a weak password.
Los dispositivos Barco ClickShare Button R9861500D01 versiones anteriores a 1.9.0, poseen credenciales insuficientemente protegidas. La cuenta root (presente para el acceso por medio de interfaces de depuración, que por defecto no están habilitadas en dispositivos de producción) del Linux integrado en el ClickShare Button está usando una contraseña débil.
*Credits:
N/A
CVSS Scores
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality
Integrity
Availability
Attack Vector
Attack Complexity
Authentication
Confidentiality
Integrity
Availability
* Common Vulnerability Scoring System
SSVC
- Decision:-
Exploitation
Automatable
Tech. Impact
* Organization's Worst-case Scenario
Timeline
- 2019-11-07 CVE Reserved
- 2019-12-16 CVE Published
- 2023-11-22 EPSS Updated
- 2024-08-05 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-521: Weak Password Requirements
CAPEC
References (6)
URL | Tag | Source |
---|---|---|
https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare | Third Party Advisory | |
https://www.barco.com/en/clickshare/firmware-update | Product |
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Barco Search vendor "Barco" | Clickshare Cs-100 Firmware Search vendor "Barco" for product "Clickshare Cs-100 Firmware" | < 1.9.0 Search vendor "Barco" for product "Clickshare Cs-100 Firmware" and version " < 1.9.0" | - |
Affected
| in | Barco Search vendor "Barco" | Clickshare Cs-100 Search vendor "Barco" for product "Clickshare Cs-100" | - | - |
Safe
|
Barco Search vendor "Barco" | Clickshare Cse-200 Firmware Search vendor "Barco" for product "Clickshare Cse-200 Firmware" | < 1.9.0 Search vendor "Barco" for product "Clickshare Cse-200 Firmware" and version " < 1.9.0" | - |
Affected
| in | Barco Search vendor "Barco" | Clickshare Cse-200 Search vendor "Barco" for product "Clickshare Cse-200" | - | - |
Safe
|
Barco Search vendor "Barco" | Clickshare Cse-200\+ Firmware Search vendor "Barco" for product "Clickshare Cse-200\+ Firmware" | < 1.9.0 Search vendor "Barco" for product "Clickshare Cse-200\+ Firmware" and version " < 1.9.0" | - |
Affected
| in | Barco Search vendor "Barco" | Clickshare Cse-200\+ Search vendor "Barco" for product "Clickshare Cse-200\+" | - | - |
Safe
|
Barco Search vendor "Barco" | Clickshare Cse-800 Firmware Search vendor "Barco" for product "Clickshare Cse-800 Firmware" | < 1.9.0 Search vendor "Barco" for product "Clickshare Cse-800 Firmware" and version " < 1.9.0" | - |
Affected
| in | Barco Search vendor "Barco" | Clickshare Cse-800 Search vendor "Barco" for product "Clickshare Cse-800" | - | - |
Safe
|