Information Disclosure Vulnerability in Dräger Patient Monitors
CVE-2019-25717

5.3MEDIUM

Key Information:

Vendor: Dräger
Status: Infinity Delta; Infinity Delta Xl; Infinity Kappa
Vendor: CVE Published:; 2 June 2026

What is CVE-2019-25717?

Dräger Infinity Delta, Delta XL, and Kappa patient monitors are affected by a vulnerability that allows unauthorized network attackers to gain access to sensitive log files. This security flaw can expose critical information, including device internals, precise location data, and the wired network configuration of the devices. The exposure of such data poses a significant risk to patient safety and the integrity of healthcare operations.

Affected Version(s)

Infinity Delta all software versions

Infinity Delta XL all software versions

Infinity Kappa all software versions

References

https://static.draeger.com/security

vendor-advisory

https://www.vulncheck.com/advisories/dr-ger-infinity-delt...

third-party-advisory

CVSS V4

Score:

5.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 2, 2026
Vulnerability Reserved
Jun 1, 2026

Credit

Marc Ruef and Rocco Gagliardi, scip AG

CVE-2019-25717 Data

JSON