Denial-of-Service Vulnerability in Dräger SC Monitoring Devices
CVE-2019-25722
7.2 HIGH
What is CVE-2019-25722?
Dräger SC Monitoring devices, including the SC 6002XL, SC 6802XL, SC 7000, SC 8000, and SC 9000 XL models, are susceptible to severe security vulnerabilities due to hard-coded plaintext credentials embedded in the source code. This flaw enables local attackers with physical access to manipulate service and clinical accounts and alter device settings. Additionally, the devices are vulnerable to a denial-of-service attack in which remote attackers send malformed network packets that cause device crashes and continuous reboots. This results in significant disruptions to patient monitoring capabilities and poses a risk to patient safety.
Affected Version(s)
SC 6002XL all versions
SC 7000 all versions
SC 6802XL all versions
