BUSINESSES, GOVERNMENT & HOSPITALS MEETING ROOMS SUSCEPTIBLE TO EAVESDROPPING DUE TO OEM PRESENTATION PLATFORM VULNERABILITIES

Security risks are becoming more complex. Specialists from a Tenable firm’s cyber security course have revealed the discovery of multiple vulnerabilities in Crestron AM-100, which shares source code with many other products such as Barco wePresent, Extron ShareLink, InFocus LiteShow, TEQ AV IT WIPS710, SHARP PN-L703WA, Optoma WPS-Pro, Blackbox HD WPS, among others.

Below is a brief explanation of some of the vulnerabilities found by researchers, besides their CVSS key. While the flaws described do not affect all devices, researchers have tried to find all platforms potentially affected by these security flaws.

CVE-2019-3925: An unauthenticated remote threat actor can inject operating system commands into Crestron AM-100 with firmware 1.6.0.2 and AM-101 with firmware 2.7.0.2. This command injection is the result of the exclusion to /bin/ftpfw.sh.

Cyber Security News | Exploit One | Hacking News

Search This Blog

LIKE TIKTOK, LINKEDIN IS SPYING ON WHAT YOU TYPE IN THE PHONE THROUGH THE CLIPBOARD

BUSINESSES, GOVERNMENT & HOSPITALS MEETING ROOMS SUSCEPTIBLE TO EAVESDROPPING DUE TO OEM PRESENTATION PLATFORM VULNERABILITIES

Comments

Post a Comment