Dräger Infinity Delta/Kappa Patient Monitor DoS via Malformed Network Packet

Advisories

Dräger Infinity Delta/Kappa Patient Monitor DoS via Malformed Network Packet

severity: high
date: 6/1/2026
Affecting: Infinity Delta
Infinity Delta XL
Infinity Kappa
CVE: CVE-2019-25716
CWE: CWE-15 External Control of System or Configuration Setting
CVSS: 7.1
CVSS V4 Vector: CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N
References: Vendor Advisory
Credit: Marc Ruef and Rocco Gagliardi, scip AG
Description: Dräger Infinity Delta, Delta XL, and Kappa patient monitors contain a denial-of-service vulnerability that allows remote attackers to cause the monitor to reboot by sending a malformed network packet. Attackers can repeatedly send malformed network packets to disrupt patient monitoring until the device falls back to default configuration and loses network connectivity.

Ready to get Started?

Explore VulnCheck, a next-generation Cyber Threat Intelligence platform, which provides exploit and vulnerability intelligence to help you prioritize and remediate vulnerabilities that matter.

Vulnerability Prioritization
Prioritize vulnerabilities that matter based on the threat landscape and defer vulnerabilities that don't.
Early Warning System
Real-time alerting of changes in the vulnerability landscape so that you can take action before the attacks start.

Schedule a Demo