CVE-2019-25717
MEDIUMDräger Infinity Delta/Kappa Patient Monitors Unauthenticated Log File Disclosure
Title source: cnaDescription
Dräger Infinity Delta, Delta XL, and Kappa patient monitors contain an information disclosure vulnerability that allows unauthenticated network attackers to access log files over a network connection. Attackers can retrieve device internals, location information, and wired network configuration details from the exposed log files.
References (2)
Core 2
Core References
Vendor Advisory vendor-advisory
https://static.draeger.com/security
Third Party Advisory third-party-advisory
https://www.vulncheck.com/advisories/dr-ger-infinity-delta-kappa-patient-monitors-unauthenticated-log-file-disclosure
Scores
CVSS v3
4.3
EPSS
0.0016
EPSS Percentile
6.0%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-538
Status
published
Products (3)
Dräger/Infinity Delta
all software versions
Dräger/Infinity Delta XL
all software versions
Dräger/Infinity Kappa
all software versions
Published
Jun 02, 2026
Tracked Since
Jun 02, 2026