CVE-2020-28332

Name of the Vulnerable Software and Affected Versions Barco wePresent WiPG-1600W versions 2.4.1.19, 2.5.0.24, 2.5.0.25, 2.5.1.8

Description The Barco wePresent WiPG-1600W firmware does not perform verification of digitally signed firmware updates and is susceptible to processing and installing modified/malicious images. This issue allows devices to download code without an integrity check.

Recommendations For version 2.4.1.19, update to a version that includes a fix for this issue. For version 2.5.0.24, update to a version that includes a fix for this issue. For version 2.5.0.25, update to a version that includes a fix for this issue. For version 2.5.1.8, update to a version that includes a fix for this issue. As a temporary workaround, consider restricting the installation of firmware updates to only trusted sources until a patch is available.