Vulnerabilities > CVE-2018-19012 - Unspecified vulnerability in Draeger products

CVSS 7.8 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

HIGH

Integrity impact

HIGH

Availability impact

HIGH

local

low complexity

draeger

NVD

Published: 2019-01-28

Updated: 2019-10-09

Summary

Drager Infinity Delta, Infinity Delta, all versions, Delta XL, all versions, Kappa, all version, and Infinity Explorer C700, all versions. Via a specific dialog it is possible to break out of the kiosk mode and reach the underlying operating system. By breaking out of the kiosk mode, an attacker is able to take control of the operating system.

Vulnerable Configurations

Part	Description	Count
OS	Draeger Draeger Kappa Firmware * Draeger Infinity Explorer C700 Firmware * Draeger Delta XL Firmware * Draeger Infinity Delta Firmware *	4
Hardware	Draeger Draeger Kappa - Draeger Infinity Explorer C700 - Draeger Delta XL - Draeger Infinity Delta -	4

References

https://ics-cert.us-cert.gov/advisories/ICSMA-19-022-01
http://www.securityfocus.com/bid/106683