CVE-2019-25716
CWE-15Published: June 1, 2026· Updated: Jun 3, 2026
Official Description
Dräger Infinity Delta, Delta XL, and Kappa patient monitors contain a denial-of-service vulnerability that allows remote attackers to cause the monitor to reboot by sending a malformed network packet. Attackers can repeatedly send malformed network packets to disrupt patient monitoring until the device falls back to default configuration and loses network connectivity.
Technical Analysis
CVE-2019-25716 requires adjacent network access, limiting remote exploitation but still posing risk in shared or local network environments.
The vulnerability requires no privileges and no user interaction, making it a prime target for automated exploitation campaigns and worm-like propagation.
A successful exploit results in availability disruption (denial of service), with a CVSS base score of 6.5.
CVSS v3.1 Vector Breakdown
Exploit & PoC Resources
All References (2)
Quick Facts
Related CVEs (CWE-15)
Recommended Actions
- →Apply vendor patches immediately
- →Monitor CVE-2019-25716 in threat intel feeds
- →Review IDS/IPS signatures for exploitation attempts