CVE-2019-18829
Severity CVSS v4.0:
Pending analysis
Type:
CWE-345
Insufficient Verification of Data Authenticity
Publication date:
17/12/2019
Last modified:
21/07/2021
Description
Barco ClickShare Button R9861500D01 devices before 1.10.0.13 have Missing Support for Integrity Check. The Barco signed 'Clickshare_For_Windows.exe' binary on the ClickShare Button (R9861500D01) loads a number of DLL files dynamically without verifying their integrity.
Impact
Base Score 3.x
7.80
Severity 3.x
HIGH
Base Score 2.0
4.40
Severity 2.0
MEDIUM
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:barco:clickshare_button_r9861500d01_firmware:*:*:*:*:*:*:*:* | 1.10.0.13 (excluding) | |
| cpe:2.3:h:barco:clickshare_button_r9861500d01:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/
- https://www.barco.com/en/clickshare/firmware-update
- https://www.barco.com/en/clickshare/support/software/R33050069?majorVersion=01&minorVersion=10&patchVersion=00&buildVersion=013
- https://www.barco.com/en/clickshare/support/software/R33050070?majorVersion=01&minorVersion=10&patchVersion=00&buildVersion=013