CVE-2019-25723

MEDIUM SEVERITY

CVSS Score & Metrics

Base Score

4.0 / 10

Vector String

                                        CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L                                    

Vulnerability Description

Dräger Perseus A500 software versions 2.00 through 2.02 contains an improper input handling vulnerability that allows external attackers to cause a denial of service by sending specifically crafted non-Medibus-compliant data through the Medibus interface. Attackers can overload the internal processor with malformed data to trigger a warm restart, causing ventilation pressure to drop to ambient level and interrupting ventilation for several seconds before therapy resumes.

Vulnerability Details

Published Date

June 02, 2026

Last Modified

June 02, 2026

CWE ID

CWE-1286

Source

NVD

Vendor

Dräger

Product

Perseus A500

External References

https://static.draeger.com/security
https://www.vulncheck.com/advisories/dr-ger-perseus-a500-dos-via-medibus-interface

CVE-2019-25723

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment