Vulnerability CVE-2018-19012
Published: 2019-01-28

Description:
Drager Infinity Delta, Infinity Delta, all versions, Delta XL, all versions, Kappa, all version, and Infinity Explorer C700, all versions. Via a specific dialog it is possible to break out of the kiosk mode and reach the underlying operating system. By breaking out of the kiosk mode, an attacker is able to take control of the operating system.

Type:

CWE-noinfo

CVSS2 => (AV:L/AC:L/Au:N/C:C/I:C/A:C)

CVSS Base Score
Impact Subscore
Exploitability Subscore
7.2/10
10/10
3.9/10
Exploit range
Attack complexity
Authentication
Local
Low
No required
Confidentiality impact
Integrity impact
Availability impact
Complete
Complete
Complete
Affected software
Draeger -> Delta xl firmware 
Draeger -> Infinity delta firmware 
Draeger -> Infinity explorer c700 firmware 
Draeger -> Kappa firmware 

 References:
http://www.securityfocus.com/bid/106683
https://ics-cert.us-cert.gov/advisories/ICSMA-19-022-01
Copyright 2024, cxsecurity.com

 

Back to Top