CVE-2024-14036
Awaiting Analysis Awaiting Analysis - Queue
Denial of Service in Dräger Core and M540 Converter Service

Publication date: 2026-06-02

Last updated on: 2026-06-03

Assigner: VulnCheck

Description
Dräger Core 1.0.5 and Dräger M540 Converter Service 1.0.9 contain a denial of service vulnerability that allows network-adjacent attackers to trigger high CPU load by sending specially crafted, unencrypted SDC messages during the discovery process. Attackers with access to the hospital network can send malformed SDC packets to exhaust CPU resources in the affected process, causing further SDC messages to no longer be processed.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-02
Last Modified
2026-06-03
Generated
2026-06-24
AI Q&A
2026-06-03
EPSS Evaluated
2026-06-22
NVD
CVE-2024-14036
EUVD
EUVD-2024-55607
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
dräger core 1.0.5
dräger m540_converter_service 1.0.9
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-400 The product does not properly control the allocation and maintenance of a limited resource.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in Dräger Core 1.0.5 and Dräger M540 Converter Service 1.0.9. It is a denial of service (DoS) vulnerability that allows attackers who are network-adjacent to cause high CPU load by sending specially crafted, unencrypted SDC messages during the discovery process.

Attackers with access to the hospital network can send malformed SDC packets that exhaust CPU resources in the affected process, which results in the system being unable to process further SDC messages.

Impact Analysis

The impact of this vulnerability is a denial of service condition where the affected system experiences high CPU usage, potentially leading to degraded performance or unavailability of the Dräger Core or M540 Converter Service.

This means that critical medical device communication via SDC messages could be disrupted, which may affect hospital operations relying on these services.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2024-14036. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart