CVE-2019-25718

Dräger Infinity Explorer C700 contains a privilege escalation vulnerability that allows attackers to break out of kiosk mode and access the underlying operating system through a specific dialog interaction. Attackers can exploit this kiosk escape to take control of the operating system and cause the device to display incorrect or no information from the connected Delta Family patient monitor.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:draeger:infinity_explorer_c700_firmware:-:*:*:*:*:*:*:*
cpe:2.3:h:draeger:infinity_explorer_c700:-:*:*:*:*:*:*:*

History

30 Jun 2026, 19:02

Type Values Removed Values Added
CPE cpe:2.3:h:draeger:infinity_explorer_c700:-:*:*:*:*:*:*:*
cpe:2.3:o:draeger:infinity_explorer_c700_firmware:-:*:*:*:*:*:*:*
References () https://static.draeger.com/security/download/2019-01-22-draeger-infinity-delta-vf10-1-security-advisory.pdf - () https://static.draeger.com/security/download/2019-01-22-draeger-infinity-delta-vf10-1-security-advisory.pdf - Vendor Advisory
References () https://www.vulncheck.com/advisories/dr-ger-infinity-explorer-c700-privilege-escalation-via-kiosk-mode-bypass - () https://www.vulncheck.com/advisories/dr-ger-infinity-explorer-c700-privilege-escalation-via-kiosk-mode-bypass - Third Party Advisory, VDB Entry
First Time Draeger
Draeger infinity Explorer C700
Draeger infinity Explorer C700 Firmware
CWE NVD-CWE-noinfo

03 Jun 2026, 22:16

Type Values Removed Values Added
References
  • {'url': 'https://static.draeger.com/security', 'source': 'disclosure@vulncheck.com'}
  • () https://static.draeger.com/security/download/2019-01-22-draeger-infinity-delta-vf10-1-security-advisory.pdf -
  • () https://www.vulncheck.com/advisories/dr-ger-infinity-explorer-c700-privilege-escalation-via-kiosk-mode-bypass -

01 Jun 2026, 23:16

Type Values Removed Values Added
New CVE

Information

Published : 2026-06-01 23:16

Updated : 2026-06-30 19:02


NVD link : CVE-2019-25718

Mitre link : CVE-2019-25718

CVE.ORG link : CVE-2019-25718


JSON object : View

Products Affected

draeger

  • infinity_explorer_c700
  • infinity_explorer_c700_firmware
CWE
CWE-451

User Interface (UI) Misrepresentation of Critical Information

NVD-CWE-noinfo