CVE-2019-25717

Summary

Dräger Infinity Delta, Delta XL, and Kappa patient monitors contain an information disclosure vulnerability that allows unauthenticated network attackers to access log files over a network connection. Attackers can retrieve device internals, location information, and wired network configuration details from the exposed log files.

Affected Software

VendorProductVersion RangeStatus
DrägerInfinity Deltaall software versionsaffected
DrägerInfinity Delta XLall software versionsaffected
DrägerInfinity Kappaall software versionsaffected

Weaknesses

  • CWE-538: CWE-538 Insertion of Sensitive Information into Externally-Accessible File or Directory

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References