CVE-2019-25716

Vulnerability

A denial-of-service vulnerability exists in Dräger Infinity Delta, Delta XL, and Kappa patient monitors. The vulnerability is triggered by sending a malformed network packet to the device, which can cause the monitor to reboot. The affected versions are not explicitly mentioned in the available references.

Exploitation

An attacker can exploit this vulnerability by sending a malformed network packet to the affected Dräger patient monitors. This action can be performed remotely and does not appear to require any specific authentication or privileges. Repeatedly sending these packets can disrupt normal operation.

Impact

Successful exploitation of this vulnerability can lead to a denial-of-service condition, causing the patient monitor to reboot. Attackers can repeatedly trigger reboots, disrupting patient monitoring. The device may fall back to its default configuration, resulting in a loss of network connectivity.

Mitigation

No specific patch or fixed version information is available in the provided references. Dräger encourages responsible reporting of vulnerabilities through their security page [1]. Information regarding workarounds or end-of-life status is not disclosed in the available references.