156 matches found
CVE-2019-18824
Barco ClickShare Button R9861500D01 devices affected are those running firmware before 1.10.0.13. The vulnerability arises from missing integrity verification of mutable content on the UBIFS partition prior to use, enabling impact to confidentiality, integrity, and availability (per CVSS). Public...
CVE-2019-18824
Barco ClickShare Button R9861500D01 devices before 1.10.0.13 have Missing Support for Integrity Check. The ClickShare Button does not verify the integrity of the mutable content on the UBIFS partition before being used...
CVE-2019-18831
Barco ClickShare Button R9861500D01 devices before 1.9.0 allow Information Exposure. The encrypted ClickShare Button firmware contains the private key of a test device-certificate...
CVE-2019-18828
Barco ClickShare Button R9861500D01 devices before 1.9.0 have Insufficiently Protected Credentials. The root account present for access via debug interfaces, which are by default not enabled on production devices of the embedded Linux on the ClickShare Button is using a weak password...
CVE-2019-18831
Barco ClickShare Button R9861500D01 devices before 1.9.0 allow Information Exposure. The encrypted ClickShare Button firmware contains the private key of a test device-certificate...
CVE-2019-18830
Barco ClickShare Button R9861500D01 devices before 1.9.0 allow OS Command Injection. The embedded 'donglebridge' program used to expose the functionalities of the ClickShare Button to a USB host, is vulnerable to OS command injection vulnerabilities. These vulnerabilities could lead to code...
CVE-2019-18830
Barco ClickShare Button R9861500D01 devices before 1.9.0 allow OS Command Injection. The embedded 'donglebridge' program used to expose the functionalities of the ClickShare Button to a USB host, is vulnerable to OS command injection vulnerabilities. These vulnerabilities could lead to code...
CVE-2019-18828
Barco ClickShare Button R9861500D01 devices before 1.9.0 have Insufficiently Protected Credentials. The root account present for access via debug interfaces, which are by default not enabled on production devices of the embedded Linux on the ClickShare Button is using a weak password...
CVE-2019-18827
On Barco ClickShare Button R9861500D01 devices before firmware version 1.9.0 JTAG access is disabled after ROM code execution. This means that JTAG access is possible when the system is running code from ROM before handing control over to embedded firmware...
CVE-2019-18826
Barco ClickShare Button R9861500D01 devices before 1.9.0 have Improper Following of a Certificate's Chain of Trust. The embedded 'donglebridge' program used to expose the functionalities of the ClickShare Button to a USB host, does not properly validate the whole certificate chain...
CVE-2019-18827
On Barco ClickShare Button R9861500D01 devices before firmware version 1.9.0 JTAG access is disabled after ROM code execution. This means that JTAG access is possible when the system is running code from ROM before handing control over to embedded firmware...
CVE-2019-18826
Barco ClickShare Button R9861500D01 devices before 1.9.0 have Improper Following of a Certificate's Chain of Trust. The embedded 'donglebridge' program used to expose the functionalities of the ClickShare Button to a USB host, does not properly validate the whole certificate chain...
Design/Logic Flaw
Barco ClickShare Button R9861500D01 devices before 1.9.0 have Insufficiently Protected Credentials. The root account present for access via debug interfaces, which are by default not enabled on production devices of the embedded Linux on the ClickShare Button is using a weak password...
Information disclosure
Barco ClickShare Button R9861500D01 devices before 1.9.0 allow Information Exposure. The encrypted ClickShare Button firmware contains the private key of a test device-certificate...
Command injection
Barco ClickShare Button R9861500D01 devices before 1.9.0 allow OS Command Injection. The embedded 'donglebridge' program used to expose the functionalities of the ClickShare Button to a USB host, is vulnerable to OS command injection vulnerabilities. These vulnerabilities could lead to code...
Design/Logic Flaw
Barco ClickShare Button R9861500D01 devices before 1.9.0 have Improper Following of a Certificate's Chain of Trust. The embedded 'donglebridge' program used to expose the functionalities of the ClickShare Button to a USB host, does not properly validate the whole certificate chain...
CVE-2019-18831
Barco ClickShare Button R9861500D01 devices prior to version 1.9.0 are affected by CVE-2019-18831, an information exposure vulnerability where the encrypted firmware stores the private key of a test device certificate. Public sources (NVD/Red Hat/CNVD) confirm the issue affects Barco ClickShare B...
CVE-2019-18831
Barco ClickShare Button R9861500D01 devices before 1.9.0 allow Information Exposure. The encrypted ClickShare Button firmware contains the private key of a test device-certificate...
CVE-2019-18830
Barco ClickShare Button R9861500D01 devices before firmware 1.9.0 are affected by an OS command injection in the embedded dongle_bridge component that exposes ClickShare Button functionality to a USB host. This vulnerability can lead to code execution with the privileges of user 'nobody'. Remedia...
CVE-2019-18830
Barco ClickShare Button R9861500D01 devices before 1.9.0 allow OS Command Injection. The embedded 'donglebridge' program used to expose the functionalities of the ClickShare Button to a USB host, is vulnerable to OS command injection vulnerabilities. These vulnerabilities could lead to code...