What is CVE-2019-25719?

CVE-2019-25719 is a high-severity vulnerability in Dräger Infinity Acute Care System, classified under Improper Enforcement of Message Integrity During Transmission in a Communication Channel. CVSS score: 8.6/10. Published 2026-06-02.

How severe is CVE-2019-25719?

High severity. CVSS v3 base score is 8.6 out of 10.

Vulnerability in Dräger Infinity Acute Care System

CVE-2019-25719

Dräger Infinity Acute Care System and Standalone Infinity M540 patient monitors running software versions VG4.1.1, VG4.0.3, and lower contain network message handling vulnerabilities that allow network-adjacent attackers to spoof or tamper…

EPSS: 0.000 (4.5th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.6 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H.

Affected products

Dräger Infinity Acute Care System — versions lower than VG4.0.3, 0, VG4.2
Dräger Standalone Infinity M540 Patient Monitor — versions lower than VG4.1.1, 0, VG4.2

Weakness classification (CWE)

CWE-924 — Improper Enforcement of Message Integrity During Transmission in a Communication Channel

References

disclosure@vulncheck.com (vendor-advisory)
disclosure@vulncheck.com (third-party-advisory)
disclosure@vulncheck.com (vendor-advisory)

Frequently asked questions

What is CVE-2019-25719?: CVE-2019-25719 is a high-severity vulnerability in Dräger Infinity Acute Care System, classified under Improper Enforcement of Message Integrity During Transmission in a Communication Channel. CVSS score: 8.6/10. Published 2026-06-02.
How severe is CVE-2019-25719?: High severity. CVSS v3 base score is 8.6 out of 10.