CVE-2019-25716

Summary

Dräger Infinity Delta, Delta XL, and Kappa patient monitors contain a denial-of-service vulnerability that allows remote attackers to cause the monitor to reboot by sending a malformed network packet. Attackers can repeatedly send malformed network packets to disrupt patient monitoring until the device falls back to default configuration and loses network connectivity.

Affected Software

VendorProductVersion RangeStatus
DrägerInfinity DeltaInfinity Deltaaffected
DrägerInfinity Delta XLInfinity Delta XLaffected
DrägerInfinity KappaInfinity Kappaaffected

Weaknesses

  • CWE-15: CWE-15 External Control of System or Configuration Setting

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References