// For flags

CVE-2019-18828

 

Severity Score

6.8
*CVSS v3.1

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

0
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

Barco ClickShare Button R9861500D01 devices before 1.9.0 have Insufficiently Protected Credentials. The root account (present for access via debug interfaces, which are by default not enabled on production devices) of the embedded Linux on the ClickShare Button is using a weak password.

Los dispositivos Barco ClickShare Button R9861500D01 versiones anteriores a 1.9.0, poseen credenciales insuficientemente protegidas. La cuenta root (presente para el acceso por medio de interfaces de depuración, que por defecto no están habilitadas en dispositivos de producción) del Linux integrado en el ClickShare Button está usando una contraseña débil.

*Credits: N/A
CVSS Scores
Attack Vector
Physical
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
Attack Vector
Local
Attack Complexity
Low
Authentication
None
Confidentiality
Complete
Integrity
Complete
Availability
Complete
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2019-11-07 CVE Reserved
  • 2019-12-16 CVE Published
  • 2023-11-22 EPSS Updated
  • 2024-08-05 CVE Updated
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
  • ---------- First Exploit
CWE
  • CWE-521: Weak Password Requirements
CAPEC
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Barco
Search vendor "Barco"
Clickshare Cs-100 Firmware
Search vendor "Barco" for product "Clickshare Cs-100 Firmware"
< 1.9.0
Search vendor "Barco" for product "Clickshare Cs-100 Firmware" and version " < 1.9.0"
-
Affected
in Barco
Search vendor "Barco"
Clickshare Cs-100
Search vendor "Barco" for product "Clickshare Cs-100"
--
Safe
Barco
Search vendor "Barco"
Clickshare Cse-200 Firmware
Search vendor "Barco" for product "Clickshare Cse-200 Firmware"
< 1.9.0
Search vendor "Barco" for product "Clickshare Cse-200 Firmware" and version " < 1.9.0"
-
Affected
in Barco
Search vendor "Barco"
Clickshare Cse-200
Search vendor "Barco" for product "Clickshare Cse-200"
--
Safe
Barco
Search vendor "Barco"
Clickshare Cse-200\+ Firmware
Search vendor "Barco" for product "Clickshare Cse-200\+ Firmware"
< 1.9.0
Search vendor "Barco" for product "Clickshare Cse-200\+ Firmware" and version " < 1.9.0"
-
Affected
in Barco
Search vendor "Barco"
Clickshare Cse-200\+
Search vendor "Barco" for product "Clickshare Cse-200\+"
--
Safe
Barco
Search vendor "Barco"
Clickshare Cse-800 Firmware
Search vendor "Barco" for product "Clickshare Cse-800 Firmware"
< 1.9.0
Search vendor "Barco" for product "Clickshare Cse-800 Firmware" and version " < 1.9.0"
-
Affected
in Barco
Search vendor "Barco"
Clickshare Cse-800
Search vendor "Barco" for product "Clickshare Cse-800"
--
Safe