Dräger Zeus IE Anesthesia Workstation USB Interface Privilege Escalation

7 / 10

HIGH

CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Description

Dräger Zeus Infinity Empowered (Zeus IE) and Zeus RS C500 anesthesia workstations contain a local security vulnerability that allows unauthorized individuals with physical access to compromise software integrity via USB interface manipulation. Attackers can exploit the unprotected USB interfaces to impair therapy functions, manipulate device-processed data, or leverage the device as a pivot point for broader network-based attacks when connected to a network or Dräger Service Connect.

Basic Information

ID CVE-2025-15653

Source VulnCheck

Published Jun 2, 2026 at 21:27

Affected Product

Vendor Dräger

Product Zeus IE

Affected Versions Dräger Zeus IE 0
Dräger Zeus RS C500 0

CWE Classification

CWE-668

References

{
    "lastseen": "",
    "description": "Dr\u00e4ger Zeus Infinity Empowered (Zeus IE) and Zeus RS C500 anesthesia workstations contain a local security vulnerability that allows unauthorized individuals with physical access to compromise software integrity via USB interface manipulation. Attackers can exploit the unprotected USB interfaces to impair therapy functions, manipulate device-processed data, or leverage the device as a pivot point for broader network-based attacks when connected to a network or Dr\u00e4ger Service Connect.",
    "published": "2026-06-02T21:27:37.997Z",
    "modified": "2026-06-02T21:27:37.997Z",
    "type": "cve",
    "title": "Dr\u00e4ger Zeus IE Anesthesia Workstation USB Interface Privilege Escalation",
    "source": "VulnCheck",
    "references": "https://www.draeger.com/security\nhttps://www.vulncheck.com/advisories/dr-ger-zeus-ie-anesthesia-workstation-usb-interface-privilege-escalation",
    "id": "CVE-2025-15653",
    "bulletinFamily": "",
    "cwe": [
        "CWE-668"
    ],
    "cvelist": null,
    "sourceData": "Dr\u00e4ger Zeus IE 0\nDr\u00e4ger Zeus RS C500 0",
    "sourceHref": "",
    "cvss": {
        "score": 7,
        "severity": "HIGH",
        "vector": "CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Zeus IE",
    "version": "0",
    "vendor": "Dr\u00e4ger",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}

Dräger Zeus IE Anesthesia Workstation USB Interface Privilege Escalation_CVE-2025-15653