CVE-2024-53919

An injection vulnerability in Barco ClickShare CX-30/20, C-5/10, and ClickShare Bar Pro and Core models, running firmware before 2.21.1, allows physically proximate attackers or local admins to the webUI to trigger OS-level command execution as root.
Command Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.6 HIGH
PHYSICAL
LOW
NONE
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
mitreCNA
7.6 HIGH
PHYSICAL
LOW
NONE
CVSS:3.1/AC:L/AV:P/A:H/C:H/I:H/PR:N/S:C/UI:N
CISA-ADPADP
---
---
Awaiting analysis
This vulnerability is currently awaiting analysis.
Base Score
CVSS 3.x
EPSS Score
Percentile: 31%
Common Weakness Enumeration
References
https://cwe.mitre.org/data/definitions/78.html
https://www.barco.com/en/support/knowledge-base/15008-clickshare-cve-2024-53919