← Back

CVE-2019-18827

nvd nist
Published: Dec 16, 2019Modified: Nov 21, 2024

JSON object

Loading...
5.9
Vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploitability: 2.2 / Impact: 3.6
Source: NVD

Description

On Barco ClickShare Button R9861500D01 devices (before firmware version 1.9.0) JTAG access is disabled after ROM code execution. This means that JTAG access is possible when the system is running code from ROM before handing control over to embedded firmware.

Affected (4)

Barco
3 products
Clickshare Cs 100 Firmware
Clickshare Cse 200+ Firmware
Clickshare Cse 800 Firmware
Configuration A
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Clickshare Cs 100 Firmware
Before 1.9.0
Running on/withPlatform Versions
Barco
Clickshare Cs 100
All versions
Configuration B
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Clickshare Cse 200 Firmware
Before 1.9.0
Running on/withPlatform Versions
Barco
Clickshare Cse 200
All versions
Configuration C
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Clickshare Cse 200+ Firmware
Before 1.9.0
Running on/withPlatform Versions
Barco
Clickshare Cse 200+
All versions
Configuration D
1 vulnerable · 1 platform
Vulnerable SoftwareAffected Versions
Clickshare Cse 800 Firmware
Before 1.9.0
Running on/withPlatform Versions
Barco
Clickshare Cse 800
All versions

Related CWEs

CWE-285
Improper Authorization
The product does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action.
CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
The product contains a code sequence that can run concurrently with other code, and the code sequence requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence that is operating concurrently.

References (12)

Source: cve@mitre.org
Third Party Advisory
Source: cve@mitre.org
Product
Source: cve@mitre.org
ProductVendor Advisory
Source: cve@mitre.org
ProductVendor Advisory
Source: cve@mitre.org
ProductVendor Advisory
Source: cve@mitre.org
ProductVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Product
Source: af854a3a-2127-422b-91ae-364da2661108
ProductVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ProductVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ProductVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ProductVendor Advisory

Timeline

No history available yet.