Privilege Escalation in Dräger Infinity Explorer C700 Device
CVE-2019-25718

8.6HIGH

Key Information:

Vendor: Dräger
Status: Infinity Explorer C700
Vendor: CVE Published:; 1 June 2026

What is CVE-2019-25718?

The Dräger Infinity Explorer C700 exhibits a vulnerability that permits unauthorized users to escape from kiosk mode, gaining access to the device's underlying operating system. This exploit hinges on a specific dialog interaction, enabling attackers to manipulate the system to display inaccurate or no data from the associated Delta Family patient monitor. This breach poses significant risks to data integrity and operational continuity, highlighting the importance of securing medical devices against unauthorized access and exploitation.

Affected Version(s)

Infinity Explorer C700 all software versions

References

https://static.draeger.com/security

vendor-advisory

CVSS V4

Score:

8.6

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 1, 2026
Vulnerability Reserved
Jun 1, 2026

Credit

Marc Ruef and Rocco Gagliardi, scip AG

CVE-2019-25718 Data

JSON