CVE-2024-53919

HIGH

Barco ClickShare - Command Injection

Title source: llm

Description

An injection vulnerability in Barco ClickShare CX-30/20, C-5/10, and ClickShare Bar Pro and Core models, running firmware before 2.21.1, allows physically proximate attackers or local admins to the webUI to trigger OS-level command execution as root.

References (2)

Core 2

Core References

Various Sources

https://cwe.mitre.org/data/definitions/78.html

Various Sources

https://www.barco.com/en/support/knowledge-base/15008-clickshare-cve-2024-53919

Scores

CVSS v3 7.6

EPSS 0.0043

EPSS Percentile 34.5%

Attack Vector PHYSICAL

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-77

Status published

Published Dec 10, 2024

Tracked Since Feb 18, 2026