CVE-2019-25718
Privilege Escalation in Dräger Infinity Explorer C700 Kiosk Mode
Publication date: 2026-06-01
Last updated on: 2026-06-01
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| dräger | infinity_explorer_c700 | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-451 | The user interface (UI) does not properly represent critical information to the user, allowing the information - or its source - to be obscured or spoofed. This is often a component in phishing attacks. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
The Dräger Infinity Explorer C700 device contains a privilege escalation vulnerability that allows attackers to escape from kiosk mode by interacting with a specific dialog. This escape enables attackers to access the underlying operating system.
Once the attacker gains control of the operating system, they can manipulate the device to display incorrect information or no information at all from the connected Delta Family patient monitor.
How can this vulnerability impact me? :
This vulnerability can allow an attacker to take control of the device's operating system by escaping kiosk mode.
As a result, the attacker can cause the device to show incorrect or missing patient monitoring data, which could lead to misinformed clinical decisions and potentially harm patients.