Description
Drager Infinity Delta, Infinity Delta, all versions, Delta XL, all versions, Kappa, all version, and Infinity Explorer C700, all versions. Log files are accessible over an unauthenticated network connection. By accessing the log files, an attacker is able to gain insights about internals of the patient monitor, the location of the monitor, and wired network configuration.
References (2)
Core 2
Core References
Third Party Advisory, US Government Resource x_refsource_misc
https://ics-cert.us-cert.gov/advisories/ICSMA-19-022-01
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/106683
Scores
CVSS v3
6.5
EPSS
0.0019
EPSS Percentile
40.2%
Attack Vector
ADJACENT_NETWORK
CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-532
Status
published
Products (4)
draeger/delta_xl_firmware
draeger/infinity_delta_firmware
draeger/infinity_explorer_c700_firmware
draeger/kappa_firmware
Published
Jan 28, 2019
Tracked Since
Feb 18, 2026