CVE-2019-25717— Dräger Infinity Delta/Kappa Patient Monitors Unauthenticated Log File Disclosure
Possible ATT&CK Techniques 1AI
T1213 · Data from Information RepositoriesAffected Version Matrix 3
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Dräger | Infinity Delta | all software versions | affected |
| Dräger | Infinity Delta XL | all software versions | affected |
| Dräger | Infinity Kappa | all software versions | affected |
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2019-25717
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Dräger Infinity Delta/Kappa Patient Monitors Unauthenticated Log File Disclosure
Source: NVD (National Vulnerability Database)
Vulnerability Description
Dräger Infinity Delta, Delta XL, and Kappa patient monitors contain an information disclosure vulnerability that allows unauthenticated network attackers to access log files over a network connection. Attackers can retrieve device internals, location information, and wired network configuration details from the exposed log files.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Source: NVD (National Vulnerability Database)
Vulnerability Type
文件和路径信息暴露
Source: NVD (National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| Dräger | Infinity Delta | all software versions | - | |
| Dräger | Infinity Delta XL | all software versions | - | |
| Dräger | Infinity Kappa | all software versions | - |
II. Public POCs for CVE-2019-25717
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2019-25717
请登录查看更多情报信息。
Vendor Advisories for CVE-2019-25717 (1)
Same Patch Batch · Dräger · 2026-06-02 · 13 CVEs total
| CVE-2019-25719 | 8.6 HIGH | Dräger Infinity M540 VG4.1.1 Spoofing and DoS via Network Message Handling |
| CVE-2022-4992 | 8.6 HIGH | Dräger Infinity M540 VG4.1.1 Spoofed Network Message Handling DoS/Tampering |
| CVE-2021-4478 | 8.2 HIGH | Dräger CC-Vision Basic and CC-Vision E-Cal Out-of-Bounds Write via Malicious GDT File |
| CVE-2021-4481 | 8.2 HIGH | Dräger Protector Software Local Privilege Escalation via Insecure File Permissions |
| CVE-2021-4480 | 8.2 HIGH | Dräger Protector Software Local Privilege Escalation via Insecure File Permissions |
| CVE-2019-25722 | 7.6 HIGH | Dräger SC Monitoring Devices Hard-coded Credentials and DoS |
| CVE-2024-14036 | 7.5 HIGH | Dräger Core 1.0.5 Denial of Service via Malformed SDC Message |
| CVE-2025-15653 | 6.8 MEDIUM | Dräger Zeus IE Anesthesia Workstation USB Interface Privilege Escalation |
| CVE-2019-25724 | 6.5 MEDIUM | Dräger Infinity M300 VG2.x Network-Based Denial of Service |
| CVE-2019-25721 | 6.5 MEDIUM | Dräger Infinity M300 VG2.3.1 Network-Based Denial of Service |
| CVE-2019-25723 | 4.0 MEDIUM | Dräger Perseus A500 2.00-2.02 DoS via Medibus Interface |
| CVE-2021-4479 | 4.0 MEDIUM | Dräger Atlan A350 1.00-1.01 DoS via Medibus Interface |
IV. Related Vulnerabilities
Same vendor: Dräger
- CVE-2021-4481
Dräger Protector Software Local Privilege Escalation via Ins - CVE-2021-4480
Dräger Protector Software Local Privilege Escalation via Ins - CVE-2025-15653
Dräger Zeus IE Anesthesia Workstation USB Interface Privileg - CVE-2024-14036
Dräger Core 1.0.5 Denial of Service via Malformed SDC Messag - CVE-2022-4992
Dräger Infinity M540 VG4.1.1 Spoofed Network Message Handlin
Same weakness: CWE-538
- CVE-2026-10254
SourceCodester Pet Grooming Management Software admin file i - CVE-2026-49298
Apache Airflow: JWT Token Exposure in KubernetesExecutor Com - CVE-2026-27173
Apache Airflow CNCF Kubernetes provider: JWT Token Exposure - CVE-2023-54346
WordPress Plugin Backup Migration 1.2.8 Unauthenticated Data - CVE-2026-7071
CodeAstro Online Job Portal user-cvs file information disclo
V. Comments for CVE-2019-25717
No comments yet