Vulnerabilities > CVE-2018-19012 - Unspecified vulnerability in Draeger products

CVSS 7.2 - HIGH

Attack vector

LOCAL

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

COMPLETE

Integrity impact

COMPLETE

Availability impact

COMPLETE

local

low complexity

draeger

NVD

Published: 2019-01-28

Updated: 2019-10-09

Summary

Drager Infinity Delta, Infinity Delta, all versions, Delta XL, all versions, Kappa, all version, and Infinity Explorer C700, all versions. Via a specific dialog it is possible to break out of the kiosk mode and reach the underlying operating system. By breaking out of the kiosk mode, an attacker is able to take control of the operating system.

Vulnerable Configurations

Part	Description	Count
OS	Draeger Draeger Kappa Firmware * Draeger Infinity Explorer C700 Firmware * Draeger Delta XL Firmware * Draeger Infinity Delta Firmware *	4
Hardware	Draeger Draeger Kappa - Draeger Infinity Explorer C700 - Draeger Delta XL - Draeger Infinity Delta -	4

References

http://www.securityfocus.com/bid/106683
https://ics-cert.us-cert.gov/advisories/ICSMA-19-022-01