PatchSiren

PatchSiren cyber security CVE debrief

CVE-2016-3151 Barco CVE debrief

CVE-2016-3151 is a high-severity directory traversal issue in Barco ClickShare wallpaper parsing. According to the CVE record, remote attackers could read sensitive local files such as /etc/shadow on affected devices running firmware older than the listed fixed versions. The issue was published by CVE/NVD on 2017-01-12 and is mapped to CWE-22.

Vendor: Barco
Product: CVE-2016-3151
CVSS: HIGH 7.5
CISA KEV: Not listed in stored evidence
Original CVE published: 2017-01-12
Original CVE updated: 2026-05-13
Advisory published: 2017-01-12
Advisory updated: 2026-05-13

Who should care

Organizations using Barco ClickShare CSC-1, CSM-1, or CSE-200 devices should care, especially if any unit is running firmware older than the fixed versions listed in the CVE record. Security teams responsible for meeting-room AV, wireless presentation systems, and embedded device fleets should prioritize validation and patching.

Technical summary

NVD describes the flaw as a directory traversal vulnerability in wallpaper parsing. The affected CPEs are Barco ClickShare CSC-1 firmware versions before 01.09.03, CSM-1 firmware versions before 01.06.02, and CSE-200 firmware versions before 01.03.02. The CVSS vector is CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N, indicating network reachability, no privileges required, no user interaction, and high confidentiality impact. NVD classifies the weakness as CWE-22.

Defensive priority

High. The combination of remote reachability, no authentication, and high confidentiality impact makes this a priority for exposed or widely deployed meeting-room devices. If affected firmware is present, upgrade promptly and verify that no obsolete units remain in service.

Recommended defensive actions

  • Inventory Barco ClickShare CSC-1, CSM-1, and CSE-200 devices and confirm installed firmware versions.
  • Upgrade any affected firmware to at least CSC-1 01.09.03, CSM-1 01.06.02, or CSE-200 01.03.02.
  • Restrict network exposure to management and presentation devices where feasible, especially from untrusted networks.
  • Review device access logs and file-integrity or telemetry data for signs of unauthorized file access attempts.
  • Remove or isolate unsupported or unpatchable devices until they can be updated or replaced.
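
The inventory and upgrade steps above can be scripted as a firmware triage. The following is an added example, not code from PatchSiren, NVD, or Barco: the fixed-version thresholds come from this page, while the CSV column names, hostnames, the OTHER-1 model, and the sample rows are constructed assumptions.

```python
import csv
import io
import re

# Fixed firmware versions, taken from the thresholds listed on this page.
FIXED = {
    "CSC-1": (1, 9, 3),
    "CSM-1": (1, 6, 2),
    "CSE-200": (1, 3, 2),
}

# Constructed sample inventory; column names and rows are assumptions.
SAMPLE_INVENTORY = """hostname,model,firmware
room-101,CSC-1,01.09.02
room-102,csc-1,01.09.03
room-201,CSM-1,1.6.1.4
room-202,CSE-200,01.03.02.0007
room-301,CSE-200,v01.02.09
room-302,CSE-200,unknown
room-400,OTHER-1,01.00.00
"""


def parse_version(text):
    """Return the first three numeric components as a tuple, or None."""
    m = re.match(r"\s*v?(\d+)\.(\d+)\.(\d+)", text, re.IGNORECASE)
    return tuple(int(p) for p in m.groups()) if m else None


def classify(model, firmware):
    """Classify one device against the CVE-2016-3151 fixed versions."""
    fixed = FIXED.get(model.strip().upper())
    if fixed is None:
        return "not-in-scope"      # model not named in the CVE record
    version = parse_version(firmware)
    if version is None:
        return "unknown-version"   # needs a manual check, never assume patched
    return "affected" if version < fixed else "fixed"


def triage(inventory_csv):
    """Map hostname -> status for every row of a CSV inventory."""
    rows = csv.DictReader(io.StringIO(inventory_csv))
    return {r["hostname"]: classify(r["model"], r["firmware"]) for r in rows}


if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host:10} {status}")
```

Devices reported as unknown-version should be treated as unpatched until the firmware is confirmed on the unit itself.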

Evidence notes

This debrief is based on the official NVD CVE record and the CVE record itself. The source corpus states the vulnerability is a directory traversal issue in wallpaper parsing and that it can allow remote reading of /etc/shadow. The NVD data includes the affected firmware thresholds, CVSS vector, and CWE-22 mapping. Publication timing is taken from the CVE publishedAt field (2017-01-12T23:59:00.353Z); the modified date (2026-05-13T00:24:29.033Z) is not used as the disclosure date.

Official resources

Publicly disclosed in the CVE/NVD record on 2017-01-12. The record was modified on 2026-05-13, but that date is not the issue date.