CVE-2019-25717
Analyzed
Analyzed - Analysis Complete
Unauthenticated Information Disclosure in Dräger Patient Monitors
Vulnerability report for CVE-2019-25717, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.
Publication date: 2026-06-02
Last updated on: 2026-06-30
Assigner: VulnCheck
Description
Description
Dräger Infinity Delta, Delta XL, and Kappa patient monitors contain an information disclosure vulnerability that allows unauthenticated network attackers to access log files over a network connection. Attackers can retrieve device internals, location information, and wired network configuration details from the exposed log files.
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| draeger | infinity_delta_firmware | * |
| draeger | delta_xl_firmware | * |
| draeger | kappa_firmware | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-538 | The product places sensitive information into files or directories that are accessible to actors who are allowed to have access to the files, but not to the sensitive information. |