• Skip to primary navigation
  • Skip to main content
CVE Vulnerability

CVE Vulnerability

  • CVE’s
  • Products
  • Vendors

clickshare_cse-800

CVE-2019-18826

February 26, 2023 by

Barco ClickShare Button R9861500D01 devices before 1.9.0 have Improper Following of a Certificate’s Chain of Trust. The embedded ‘dongle_bridge’ program used to expose the functionalities of the ClickShare Button to a USB host, does not properly validate the whole certificate chain.

CVE-2019-18827

February 26, 2023 by

On Barco ClickShare Button R9861500D01 devices (before firmware version 1.9.0) JTAG access is disabled after ROM code execution. This means that JTAG access is possible when the system is running code from ROM before handing control over to embedded firmware.

CVE-2019-18828

February 26, 2023 by

Barco ClickShare Button R9861500D01 devices before 1.9.0 have Insufficiently Protected Credentials. The root account (present for access via debug interfaces, which are by default not enabled on production devices) of the embedded Linux on the ClickShare Button is using a weak password.

CVE-2019-18830

February 26, 2023 by

Barco ClickShare Button R9861500D01 devices before 1.9.0 allow OS Command Injection. The embedded ‘dongle_bridge’ program used to expose the functionalities of the ClickShare Button to a USB host, is vulnerable to OS command injection vulnerabilities. These vulnerabilities could lead to code execution on the ClickShare Button with the privileges of the user ‘nobody’.

CVE-2019-18831

February 26, 2023 by

Barco ClickShare Button R9861500D01 devices before 1.9.0 allow Information Exposure. The encrypted ClickShare Button firmware contains the private key of a test device-certificate.

Copyright CVE Vulnerabilities 2023
Data Sources:

  • NIST
  • MITRE
  • CVE Search
  • Open CVE