By vendor

Draeger vulnerabilities

Known CVEs affecting Draeger products, prioritized by severity, with SEC.co remediation and detection guidance.

3 published vulnerabilities

  • CVE-2019-25718HIGH 8.4

    The Dräger Infinity Explorer C700, a patient monitor interface device, contains a vulnerability that allows an attacker with local access to break out of its restricted kiosk environment and gain full control of the underlying operating system. Once escaped from kiosk mode, an attacker can manipulate the device's display, causing it to show incorrect patient data or no data at all—a serious concern in clinical settings where accurate vital sign monitoring is critical to patient safety.

  • CVE-2019-25716MEDIUM 6.5

    Dräger's Infinity Delta, Delta XL, and Kappa patient monitors are vulnerable to a denial-of-service attack triggered by malformed network packets. An attacker on the same network segment can send specially crafted packets that force the monitor to reboot repeatedly, disrupting patient monitoring and causing the device to lose network connectivity and revert to default settings. This is a network-adjacent threat that degrades clinical visibility rather than exposing patient data directly.

  • CVE-2019-25717MEDIUM 4.3

    Dräger's Infinity Delta, Delta XL, and Kappa patient monitors expose sensitive log files to unauthenticated attackers on the local network. An attacker with network access can retrieve device internals, location data, and network configuration without needing credentials. This is a network-adjacent threat that discloses operational details but does not enable direct device compromise or manipulation.