
Many Vulnerabilities Found in Barco Wireless Presentation Systems

Researchers working for F-Secure have identified a dozen vulnerabilities in popular Barco ClickShare wireless presentation systems. While the vendor has patched the most serious vulnerabilities, the remaining issues are not easy to fix.

Researchers working for F-Secure have identified a dozen vulnerabilities in popular Barco ClickShare wireless presentation systems. While the vendor has patched the most serious vulnerabilities, the remaining issues are not easy to fix.

According to F-Secure, its experts analyzed the ClickShare devices after noticing how popular they were during their red team assessments. Their analysis was carried out over a period of several months and resulted in the discovery of vulnerabilities that can be exploited to intercept and manipulate presentations, steal passwords and other sensitive information, and install malware.

Some of the vulnerabilities require physical access to a device for exploitation, but others can be exploited remotely if the product’s default configuration has not been changed, F-Secure said.

The vulnerabilities have been found in the ClickShare base unit, the client software, and the ClickShare button, which is the USB device used to start sharing content on available AV equipment.

According to Barco, ClickShare products are used by over 40 percent of Global Fortune 1000 companies. The device models confirmed to be vulnerable by F-Secure, the CS-100 and CSE-200, cost $1,000 and $1,750, respectively.

The vulnerabilities are related to the failure to disable a JTAG debugging interface, which could be abused by malicious actors; the use of shared encryption keys, which allows an attacker to create malicious software images; OS command injection flaws; the use of testing credentials that can be leveraged to issue commands and launch man-in-the-middle (MitM) attacks; flaws allowing malware to be planted on a device using a specially crafted USB drive; and the presence of weak, hardcoded credentials that give an attacker admin privileges on a device.

Researchers also discovered that Syslog data is transmitted over the Wi-Fi connection in clear text; that an attacker can plant arbitrary code that will get side-loaded into the ClickShare client process at start; that media streams are insufficiently protected; and that an attacker can manipulate file system content and make changes that would allow them to remotely log in to the device.

Barco has patched five of the most serious vulnerabilities, including ones related to hardcoded credentials, certificate chain verification, the presence of testing credentials, file manipulation, and command injection. However, several of the flaws can only be fixed through physical maintenance and F-Secure believes they are unlikely to get patched.

“Our tests’ primary objectives were to backdoor the system so we could compromise presenters, and steal information as it’s presented. Although cracking the perimeter was tough, we were able to find multiple issues after we gained access, and exploiting them was easy once we knew more about the system,” explained F-Secure Consulting’s Dmitry Janushkevich. “For an attacker, this is a fast, practical way to compromise a company, and organizations need to inform themselves about the associated risks.”


Earlier this year, Tenable disclosed a total of 15 vulnerabilities found across eight wireless presentation systems, including ones made by Barco. Barco at the time was named as one of the few notified vendors that had released patches.


Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.
