What is CVE-2022-4992?

CVE-2022-4992 is a high-severity vulnerability in Dräger Infinity Acute Care System, classified under Insufficient Verification of Data Authenticity. CVSS score: 8.6/10. Published 2026-06-02.

How severe is CVE-2022-4992?

High severity. CVSS v3 base score is 8.6 out of 10.

Vulnerability in Dräger Infinity Acute Care System

CVE-2022-4992

Dräger Infinity Acute Care System and Standalone Infinity M540 patient monitors versions VG4.1.1, VG4.0.3, and lower (with VG4.2 partially affected) contain a network message handling vulnerability that allows remote attackers to inject sp…

EPSS: 0.000 (14.2th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 8.6 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H.

Affected products

Dräger Infinity Acute Care System — versions 0
Dräger Standalone Infinity M540 Patient Monitor — versions 0

Weakness classification (CWE)

CWE-345 — Insufficient Verification of Data Authenticity

References

disclosure@vulncheck.com (vendor-advisory)
disclosure@vulncheck.com (third-party-advisory)
disclosure@vulncheck.com (vendor-advisory)

Frequently asked questions

What is CVE-2022-4992?: CVE-2022-4992 is a high-severity vulnerability in Dräger Infinity Acute Care System, classified under Insufficient Verification of Data Authenticity. CVSS score: 8.6/10. Published 2026-06-02.
How severe is CVE-2022-4992?: High severity. CVSS v3 base score is 8.6 out of 10.