Improper Input Handling Vulnerability in Dräger Atlan A350 Software
CVE-2021-4479

6.3MEDIUM

Key Information:

Vendor: Dräger
Status: Atlan A350
Vendor: CVE Published:; 2 June 2026

What is CVE-2021-4479?

The software for the Dräger Atlan A350, specifically versions 1.00 and 1.01, is susceptible to an improper input handling vulnerability via the Medibus interface. Attackers can exploit this issue by transmitting non-compliant Medibus data, which can overload the device's internal processor. This exploitation may lead to a gradual disruption of device operations, resulting in adverse effects such as the loss of data transmission, delayed visualization of real-time curves, and discrepancies between displayed airway pressure values and the actual screen curves. Addressing this vulnerability is crucial for maintaining the integrity and reliability of the device.

Affected Version(s)

Atlan A350 1.00 < 7.5.3

Atlan A350 1.01

Atlan A350 2.0

References

https://static.draeger.com/security

vendor-advisory

https://www.vulncheck.com/advisories/dr-ger-atlan-a350-do...

CVSS V4

Score:

6.3

Severity:

MEDIUM

Confidentiality:

None

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

High

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 2, 2026
Vulnerability Reserved
Jun 2, 2026

CVE-2021-4479 Data

JSON