Dräger Infinity Acute Care System and Standalone Infinity M540 patient monitors versions VG4
Remediation
Apply vendor security updates immediately. Monitor for exploitation attempts and review access logs.
Description Summary:
A remotely exploitable vulnerability in Dräger Infinity patient monitors allows attackers to inject spoofed data, causing denial-of-service conditions through system reboots.
Executive Summary:
Confirmed active exploitation of this high-severity vulnerability in Dräger patient monitors necessitates immediate action to prevent clinical service disruption.
Vulnerability Details
CVE-ID: CVE-2022-4992
Affected Software: Dräger Infinity Acute Care System and Standalone Infinity M540
Affected Versions: VG4.1.1, VG4.0.3, and lower (with VG4.2 partially affected)
Vulnerability: This vulnerability allows remote, unauthenticated attackers to compromise network communications, enabling the injection of malicious data or triggering system reboots by overwhelming the network stack. Attackers can manipulate critical device settings, including alarm states and thresholds, directly impacting patient safety.
Business Impact
With a CVSS score of 8.6, this vulnerability represents a significant risk to patient care and clinical operations. Successful exploitation results in the loss of critical monitoring functionality, potential misdiagnosis due to spoofed data, and severe downtime for life-critical medical equipment.
Remediation Plan
Immediate Action: Contact your Dräger representative or authorized service provider to coordinate the deployment of firmware updates or recommended mitigations for the affected versions.
Proactive Monitoring: Implement strict network segmentation for medical devices and monitor network traffic for anomalous spikes or unauthorized communication attempts targeting the M540 units.
Compensating Controls: Isolate affected patient monitors within a dedicated, restricted VLAN and utilize deep packet inspection (DPI) on clinical firewalls to identify and block malformed or spoofed packets.
Exploitation Status
Public Exploit Available: True
Analyst Notes: As of June 4, 2026, exploitation of this vulnerability in the wild has been confirmed. Given the criticality of the affected environment, immediate remediation is required.
Analyst Recommendation
The high CVSS score, combined with confirmed active exploitation in the wild, renders this an urgent priority for healthcare IT teams. Administrators must prioritize the isolation of affected systems and coordinate with the vendor to apply necessary updates to restore clinical integrity and safety.