Enterprise staff using the popular Barco ClickShare wireless presentation tools have been warned to update the devices as soon as possible, after security researchers found multiple serious vulnerabilities in them.
Security vendor F-Secure says it has discovered twelve separate vulnerabilties in the Clickshare Button range of presentation devices, as well as the base wireless unit and client software from Barco.
Exploiting the vulnerabilties could pose a significant threat allowing attackers to compromise the Button presentation devices, the F-Secure analysis showed.
"Multiple vulnerabilities have been identified that ultimately allow attackers to compromise hardware units and backdoor them, execute arbitrary code on end users' systems, as well as observe and manipulate contents being presented," F-Secure Labs wrote.
Malware can be injected into corporate devices via compromised Button systems, which use system-on-a-chip integrated circuits with known vulnerabilities.
F-Secure informed Barco of the vulnerabilties in early October this year.
The wireless presentation tool vendor has acknowledged the flaws, and has begun issuing fixes for them this month.
Barco devices are sold in Australia, and the vendor claims it has shipped over a hundred thousand units worldwide.
.png&h=140&w=231&c=1&s=0)
iTnews Executive Retreat - Security Leaders Edition
_(1).jpg&h=140&w=231&c=1&s=0)
