CVE-2019-25722
Description
Dräger SC Monitoring devices have hard-coded credentials and a DoS flaw, allowing local credential abuse and remote network disruption.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Dräger SC Monitoring devices have hard-coded credentials and a DoS flaw, allowing local credential abuse and remote network disruption.
Vulnerability
Dräger SC Monitoring devices, including models SC 6002XL, SC 6802XL, SC 7000, SC 8000, and SC 9000 XL, contain hard-coded plaintext credentials within their source code and a denial-of-service vulnerability. These issues affect all software versions and allow for device integrity compromise [2].
Exploitation
A local attacker with direct physical access to a device can exploit the hard-coded credentials to gain access to service and clinical accounts, enabling them to alter device configurations. A remote attacker can exploit the denial-of-service vulnerability by sending malformed network packets, which triggers repeated device reboots [2].
Impact
Successful exploitation by a local attacker allows for unauthorized alteration of device configurations. Remote exploitation leads to repeated device reboots, resulting in a loss of network connectivity and disruption of critical patient monitoring functions [2].
Mitigation
Not yet disclosed in the available references. Dräger encourages responsible reporting of potential security vulnerabilities [1].
AI Insight generated on Jun 2, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
6Patches
0No patches discovered yet.
Vulnerability mechanics
No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References
2News mentions
0No linked articles in our index yet.