Cyber Resilience

CVE-2019-25718

HighPublic PoCUpdated

Published: 01 June 2026

Published
01 June 2026
Modified
30 June 2026
KEV Added
Patch
CVSS Score v4 8.6 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0012 2.0th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2019-25718 is a high-severity User Interface (UI) Misrepresentation of Critical Information (CWE-451) vulnerability in Draeger Infinity Explorer C700 Firmware. Its CVSS base score is 8.6 (High).

Operationally, ranked at the 2.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

OWASP Top 10 for Web (2025)

EU & UK References

Vulnerability details

Dräger Infinity Explorer C700 contains a privilege escalation vulnerability that allows attackers to break out of kiosk mode and access the underlying operating system through a specific dialog interaction. Attackers can exploit this kiosk escape to take control of the…

more

operating system and cause the device to display incorrect or no information from the connected Delta Family patient monitor.

CWE(s)

Related Threats

CVEs Like This One

CVE-2026-28964Shared CWE-451
CVE-2026-8964Shared CWE-451
CVE-2026-0906Shared CWE-451
CVE-2026-0093Shared CWE-451
CVE-2026-2634Shared CWE-451
CVE-2026-0094Shared CWE-451
CVE-2026-32971Shared CWE-451
CVE-2026-3889Shared CWE-451
CVE-2026-0088Shared CWE-451
CVE-2026-0096Shared CWE-451

Affected Assets

draeger
infinity explorer c700 firmware
all versions

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References