CVE-2019-25720

Dräger SC Monitoring devices (SC 6002XL, SC 6802XL, SC 7000, SC 8000, SC 9000 XL) contain a denial-of-service vulnerability in all software versions that allows unauthenticated attackers to reboot the monitor by sending a malformed network packet. Attackers can repeatedly send such malformed packets to disrupt patient monitoring until the device falls back to default configuration and loses network connectivity.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.8 / Impact : 3.6

Attack Vector ADJACENT_NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://static.draeger.com/security/download/2019-11-27-Draeger-SC7000-SC9000-security-advisory-update-v1-5.pdf
https://www.vulncheck.com/advisories/dr-ger-sc-monitoring-devices-dos-via-malformed-network-packet

Configurations

No configuration.

History

03 Jun 2026, 18:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2026-06-03 18:16

Updated : 2026-06-17 02:33

NVD link : CVE-2019-25720

Mitre link : CVE-2019-25720

CVE.ORG link : CVE-2019-25720

JSON object : View

Products Affected

No product.

CWE

CWE-1286

Improper Validation of Syntactic Correctness of Input

{"id": "CVE-2019-25720", "cveTags": [], "metrics": {"ssvcV203": [{"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "ssvcData": {"id": "CVE-2019-25720", "role": "CISA Coordinator", "options": [{"exploitation": "none"}, {"automatable": "no"}, {"technicalImpact": "partial"}], "version": "2.0.3", "timestamp": "2026-06-03T17:44:08.218138Z"}}], "cvssMetricV31": [{"type": "Secondary", "source": "disclosure@vulncheck.com", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "ADJACENT_NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}, "impactScore": 3.6, "exploitabilityScore": 2.8}], "cvssMetricV40": [{"type": "Secondary", "source": "disclosure@vulncheck.com", "cvssData": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 7.1, "Automatable": "NOT_DEFINED", "attackVector": "ADJACENT", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "availabilityRequirement": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "confidentialityRequirement": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED"}}]}, "affected": [{"source": "disclosure@vulncheck.com", "affectedData": [{"vendor": "Dr\u00e4ger", "product": "SC 6002XL", "versions": [{"status": "affected", "version": "SC 6002XL", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Dr\u00e4ger", "product": "SC6802XL", "versions": [{"status": "affected", "version": "SC6802XL", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Dr\u00e4ger", "product": "SC 7000", "versions": [{"status": "affected", "version": "SC 7000", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Dr\u00e4ger", "product": "SC8000", "versions": [{"status": "affected", "version": "SC8000", "versionType": "custom"}], "defaultStatus": "unknown"}, {"vendor": "Dr\u00e4ger", "product": "SC90000 XL", "versions": [{"status": "affected", "version": "SC90000 XL", "versionType": "custom"}], "defaultStatus": "unknown"}]}], "published": "2026-06-03T18:16:15.910", "references": [{"url": "https://static.draeger.com/security/download/2019-11-27-Draeger-SC7000-SC9000-security-advisory-update-v1-5.pdf", "source": "disclosure@vulncheck.com"}, {"url": "https://www.vulncheck.com/advisories/dr-ger-sc-monitoring-devices-dos-via-malformed-network-packet", "source": "disclosure@vulncheck.com"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "disclosure@vulncheck.com", "description": [{"lang": "en", "value": "CWE-1286"}]}], "descriptions": [{"lang": "en", "value": "Dr\u00e4ger SC Monitoring devices (SC 6002XL, SC 6802XL, SC 7000, SC 8000, SC 9000 XL) contain a denial-of-service vulnerability in all software versions that allows unauthenticated attackers to reboot the monitor by sending a malformed network packet. Attackers can repeatedly send such malformed packets to disrupt patient monitoring until the device falls back to default configuration and loses network connectivity."}], "lastModified": "2026-06-17T02:33:02.153", "sourceIdentifier": "disclosure@vulncheck.com"}