Code injection

2019-12-1714:15:00

PRIOn knowledge base

www.prio-n.com

7.6 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

44.7%

JSON

Barco ClickShare Huddle CS-100 devices before 1.9.0 and CSE-200 devices before 1.9.0 have incorrect Credentials Management. The ClickShare Base Unit implements encryption at rest using encryption keys which are shared across all ClickShare Base Units of models CS-100 & CSE-200.

CPENameOperatorVersion
clickshare_cs-100_huddle_firmwarelt1.9.0
clickshare_cse-200_firmwarelt1.9.0

CPE	Name	Operator	Version
	clickshare_cs-100_huddle_firmware	lt	1.9.0
	clickshare_cse-200_firmware	lt	1.9.0

References

labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/

www.barco.com/en/clickshare/firmware-update