PT-2019-15686 · Barco · Barco Clickshare Button

Published

2019-12-16

Updated

2019-12-23

CVE-2019-18830

CVSS v2.0

Critical

Vector

AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Barco ClickShare Button R9861500D01 versions prior to 1.9.0

Description The issue affects the dongle bridge program, which is used to expose the functionalities of the ClickShare Button to a USB host. This program is vulnerable to OS command injection, potentially leading to code execution on the ClickShare Button with the privileges of the user nobody.

Recommendations For Barco ClickShare Button R9861500D01 versions prior to 1.9.0, update to version 1.9.0 or later to resolve the issue.

Fix

OS Command Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-78

Related Identifiers

CVE-2019-18830

Affected Products

Barco Clickshare Button

PT-2019-15686 · Barco · Barco Clickshare Button

CVE-2019-18830

Weakness Enumeration

Related Identifiers

Affected Products

References · 8