HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2019-25718

CVSS 8.6v4.0pub. 2026-06-01upd. 2026-06-30

Dräger Infinity Explorer C700 contains a privilege escalation vulnerability that allows attackers to break out of kiosk mode and access the underlying operating system through a specific dialog interaction. Attackers can exploit this kiosk escape to take control of the operating system and cause the device to display incorrect or no information from the connected Delta Family patient monitor.

CVSS Vector
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
  • Draeger Infinity Explorer C700

    HW
    Draeger
    wszystkie wersje
  • Draeger Infinity Explorer C700 Firmware

    OS
    Draeger
    wszystkie wersje
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
LPE
CWE
References

Related vulnerabilities

CVE-2018-19012HIGH7.8ten sam produkt

Drager Infinity Delta, Infinity Delta, all versions, Delta XL, all versions, Kappa, all version, and Infinity ...

CVE-2018-19010MEDIUM6.5ten sam produkt

Drager Infinity Delta, Infinity Delta, all versions, Delta XL, all versions, Kappa, all version, and Infinity ...

CVE-2018-19014MEDIUM6.5ten sam produkt

Drager Infinity Delta, Infinity Delta, all versions, Delta XL, all versions, Kappa, all version, and Infinity ...

CVE-2019-25716HIGH7.1ten sam vendor

Dräger Infinity Delta, Delta XL, and Kappa patient monitors contain a denial-of-service vulnerability that all...

CVE-2021-28111HIGH8.8ten sam vendor

Draeger X-Dock Firmware before 03.00.13 has Hard-Coded Credentials, leading to remote code execution by an aut...