Home

Description

Dräger Infinity Delta, Delta XL, and Kappa patient monitors contain an information disclosure vulnerability that allows unauthenticated network attackers to access log files over a network connection. Attackers can retrieve device internals, location information, and wired network configuration details from the exposed log files.

PUBLISHED Reserved 2026-06-01 | Published 2026-06-02 | Updated 2026-06-03 | Assigner VulnCheck




MEDIUM: 5.3CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

MEDIUM: 4.3CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Problem types

CWE-538 Insertion of Sensitive Information into Externally-Accessible File or Directory

Product status

Default status
unaffected

all software versions (custom)
affected

Default status
unaffected

all software versions (custom)
affected

Default status
unaffected

all software versions (custom)
affected

Credits

Marc Ruef and Rocco Gagliardi, scip AG finder

References

static.draeger.com/security vendor-advisory

www.vulncheck.com/...ors-unauthenticated-log-file-disclosure third-party-advisory

cve.org (CVE-2019-25717)

nvd.nist.gov (CVE-2019-25717)

Download JSON