PT-2019-15683 · Barco · Barco Clickshare Button

Published

2019-12-16

Updated

2019-12-27

CVE-2019-18826

CVSS v3.1

9.8

Critical

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Barco ClickShare Button R9861500D01 versions prior to 1.9.0

Description The issue arises from the 'dongle bridge' program, which is used to expose the functionalities of the ClickShare Button to a USB host. This program does not properly validate the whole certificate chain, leading to Improper Following of a Certificate's Chain of Trust.

Recommendations For versions prior to 1.9.0, update to version 1.9.0 or later to resolve the issue. As a temporary workaround, consider restricting the use of the 'dongle bridge' program until a patch is available.

Fix

Improper Certificate Validation

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-295

Related Identifiers

CVE-2019-18826

Affected Products

Barco Clickshare Button

PT-2019-15683 · Barco · Barco Clickshare Button

CVE-2019-18826

Weakness Enumeration

Related Identifiers

Affected Products

References · 3