Dräger CC-Vision Basic and CC-Vision E-Cal Out-of-Bounds Write via Malicious GDT File

Advisories

Dräger CC-Vision Basic and CC-Vision E-Cal Out-of-Bounds Write via Malicious GDT File

severity: high
date: 6/2/2026
Affecting: CC-Vision Basic < 7.5.3
CC-Vision E-Cal < 7.2.5.0
CVE: CVE-2021-4478
CWE: CWE-787 Out-of-bounds Write
CVSS: 8.3
CVSS V4 Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:H/SC:N/SI:H/SA:H
References: https://static.draeger.com/security
Credit: Mario Ceballos
Description: Dräger CC-Vision Basic before 7.5.3 and Dräger CC-Vision E-Cal before 7.2.5.0 contain an out-of-bounds write vulnerability when loading .gdt files. A crafted .gdt file can trigger a buffer overflow during file parsing, allowing an attacker to crash the application or execute malicious code on the underlying system.

Ready to get Started?

Explore VulnCheck, a next-generation Cyber Threat Intelligence platform, which provides exploit and vulnerability intelligence to help you prioritize and remediate vulnerabilities that matter.

Vulnerability Prioritization
Prioritize vulnerabilities that matter based on the threat landscape and defer vulnerabilities that don't.
Early Warning System
Real-time alerting of changes in the vulnerability landscape so that you can take action before the attacks start.

Schedule a Demo