CVE-2018-19010

Vulnerability

An improper input validation vulnerability (CWE-20) exists in the network packet handling of Dräger Infinity Delta, Delta XL, Kappa, and Infinity Explorer C700 patient monitors (all versions) [1]. A malformed network packet sent to the monitor can cause it to reboot. The vulnerability is reachable over the network without authentication [1].

Exploitation

An attacker with adjacent network access (AV:A) can send a single malformed network packet to trigger a reboot [1]. By repeatedly sending such packets, the attacker can cause the monitor to reboot continuously, ultimately forcing it to fall back to default configuration and lose network connectivity [1]. No authentication or user interaction is required [1].

Impact

Successful exploitation results in a denial of service (high availability impact) by causing repeated reboots of the patient monitor [1]. This disruption can prevent the monitor from communicating with the network, potentially harming patient monitoring [1]. There is no impact on confidentiality or integrity [1].

Mitigation

The ICS-CERT advisory (ICSMA-19-022-01) recommends contacting Dräger for firmware updates to address this vulnerability [1]. As of the publication date, no specific fixed version is available. Users should implement network segmentation and monitoring to limit exposure to untrusted networks [1].