CVE-2019-18827

On Barco ClickShare Button R9861500D01 devices (before firmware version 1.9.0) JTAG access is disabled after ROM code execution. This means that JTAG access is possible when the system is running code from ROM before handing control over to embedded firmware.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:barco:clickshare_cs-100_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:barco:clickshare_cs-100:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:barco:clickshare_cse-200_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:barco:clickshare_cse-200:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:barco:clickshare_cse-200\+_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:barco:clickshare_cse-200\+:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:barco:clickshare_cse-800_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:barco:clickshare_cse-800:-:*:*:*:*:*:*:*

History

21 Nov 2024, 04:33

Type Values Removed Values Added
References () https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/ - Third Party Advisory () https://labs.f-secure.com/advisories/multiple-vulnerabilities-in-barco-clickshare/ - Third Party Advisory
References () https://www.barco.com/en/clickshare/firmware-update - Product () https://www.barco.com/en/clickshare/firmware-update - Product
References () https://www.barco.com/en/support/software/R33050069?majorVersion=01&minorVersion=09&patchVersion=01&buildVersion=007 - Product, Vendor Advisory () https://www.barco.com/en/support/software/R33050069?majorVersion=01&minorVersion=09&patchVersion=01&buildVersion=007 - Product, Vendor Advisory
References () https://www.barco.com/en/support/software/R33050070?majorVersion=01&minorVersion=09&patchVersion=01&buildVersion=007 - Product, Vendor Advisory () https://www.barco.com/en/support/software/R33050070?majorVersion=01&minorVersion=09&patchVersion=01&buildVersion=007 - Product, Vendor Advisory
References () https://www.barco.com/en/support/software/R33050095?majorVersion=01&minorVersion=09&patchVersion=01&buildVersion=007 - Product, Vendor Advisory () https://www.barco.com/en/support/software/R33050095?majorVersion=01&minorVersion=09&patchVersion=01&buildVersion=007 - Product, Vendor Advisory
References () https://www.barco.com/en/support/software/R33050125?majorVersion=01&minorVersion=09&patchVersion=01&buildVersion=007 - Product, Vendor Advisory () https://www.barco.com/en/support/software/R33050125?majorVersion=01&minorVersion=09&patchVersion=01&buildVersion=007 - Product, Vendor Advisory

Information

Published : 2019-12-16 17:15

Updated : 2024-11-21 04:33


NVD link : CVE-2019-18827

Mitre link : CVE-2019-18827

CVE.ORG link : CVE-2019-18827


JSON object : View

Products Affected

barco

  • clickshare_cse-200_firmware
  • clickshare_cs-100
  • clickshare_cse-200
  • clickshare_cse-200\+_firmware
  • clickshare_cse-800
  • clickshare_cse-200\+
  • clickshare_cs-100_firmware
  • clickshare_cse-800_firmware
CWE
CWE-285

Improper Authorization

CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')