CVE-2019-25723
4.0 MEDIUMDräger Perseus A500 software versions 2.00 through 2.02 contains an improper input handling vulnerability that allows external attackers ...
Published: 2026-06-02 · Last updated: 2026-06-04
Severity and scoring
- CVSS
- 4.0 MEDIUM
- Vector
- CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L
- CWE
- CWE-1286
Description
Dräger Perseus A500 software versions 2.00 through 2.02 contains an improper input handling vulnerability that allows external attackers to cause a denial of service by sending specifically crafted non-Medibus-compliant data through the Medibus interface. Attackers can overload the internal processor with malformed data to trigger a warm restart, causing ventilation pressure to drop to ambient level and interrupting ventilation for several seconds before therapy resumes.
Source: NVD
References
Related CVEs
Same CWE
- CVE-2026-50131 — Fedify is a TypeScript library for building federated server apps powered by ActivityPub (8.6 HIGH)
- CVE-2025-8873 — On affected platforms running Arista EOS with IPsec configured, a specially crafted packet can cause the dataplane to stop processing all... (7.5 HIGH)
- CVE-2019-25720 — Dräger SC Monitoring devices (SC 6002XL, SC 6802XL, SC 7000, SC 8000, SC 9000 XL) contain a denial-of-service vulnerability in all softwa... (6.5 MEDIUM)
- CVE-2021-4479 — Dräger Atlan A350 versions 1.00 up to and including 1.01 contains an improper input handling vulnerability that allows attackers to cause... (4.0 MEDIUM)
- CVE-2026-24092 — Memory Corruption when processing fastboot commands to set display mode (7.2 HIGH)