CVE-2019-25720
MEDIUMDräger SC Monitoring Devices DoS via Malformed Network Packet
Title source: cnaDescription
Dräger SC Monitoring devices (SC 6002XL, SC 6802XL, SC 7000, SC 8000, SC 9000 XL) contain a denial-of-service vulnerability in all software versions that allows unauthenticated attackers to reboot the monitor by sending a malformed network packet. Attackers can repeatedly send such malformed packets to disrupt patient monitoring until the device falls back to default configuration and loses network connectivity.
References (2)
Core 2
Core References
Vendor Advisory vendor-advisory
https://static.draeger.com/security/download/2019-11-27-Draeger-SC7000-SC9000-security-advisory-update-v1-5.pdf
Third Party Advisory third-party-advisory
https://www.vulncheck.com/advisories/dr-ger-sc-monitoring-devices-dos-via-malformed-network-packet
Scores
CVSS v3
6.5
EPSS
0.0020
EPSS Percentile
9.8%
Attack Vector
ADJACENT_NETWORK
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
partial
Details
CWE
CWE-1286
Status
published
Products (5)
Dräger/SC 6002XL
SC 6002XL
Dräger/SC 7000
SC 7000
Dräger/SC6802XL
SC6802XL
Dräger/SC8000
SC8000
Dräger/SC90000 XL
SC90000 XL
Published
Jun 03, 2026
Tracked Since
Jun 03, 2026