Insecure Credentials Management in Barco ClickShare Huddle CS-100 and CSE-200 Devices

Insecure Credentials Management in Barco ClickShare Huddle CS-100 and CSE-200 Devices

CVE-2019-18825 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Barco ClickShare Huddle CS-100 devices before 1.9.0 and CSE-200 devices before 1.9.0 have incorrect Credentials Management. The ClickShare Base Unit implements encryption at rest using encryption keys which are shared across all ClickShare Base Units of models CS-100 & CSE-200.

Learn more about our Web Application Penetration Testing UK.