CVE-2018-19012
HIGHDraeger Infinity Delta, Delta XL, Kappa, and Infinity Explorer C700 - Privilege Escalation via Kiosk Mode Bypass
Title source: llmDescription
Drager Infinity Delta, Infinity Delta, all versions, Delta XL, all versions, Kappa, all version, and Infinity Explorer C700, all versions. Via a specific dialog it is possible to break out of the kiosk mode and reach the underlying operating system. By breaking out of the kiosk mode, an attacker is able to take control of the operating system.
References (2)
Core 2
Core References
Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSMA-19-022-01
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/106683
Scores
CVSS v3
7.8
EPSS
0.0039
EPSS Percentile
30.8%
Attack Vector
LOCAL
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-269
Status
published
Products (4)
draeger/delta_xl_firmware
draeger/infinity_delta_firmware
draeger/infinity_explorer_c700_firmware
draeger/kappa_firmware
Published
Jan 28, 2019
Tracked Since
Feb 18, 2026