Dräger Atlan A350 Denial-of-Service Vulnerability via Medibus Interface

Vulnerability

A denial-of-service vulnerability has been identified in the Dräger Atlan A350 software, specifically in versions 1.00 through 1.01. The issue arises from improper input handling that allows attackers to disrupt device operation by sending specially crafted, non-Medibus-compliant data through the Medibus interface. This malformed data can overload the internal processor, causing a gradual disruption in device functionality over several hours. The impact includes loss of data transmission, delayed updates of real-time monitoring curves, and discrepancies between displayed airway pressure values and the corresponding screen curves.

Impact

Exploitation of this vulnerability leads to a denial-of-service condition, causing prolonged disruption of the device's normal operations. This results in a loss of data transmission, delays in the real-time display of monitoring curves, and inconsistencies in airway pressure readings.

Added: Jun 2, 2026, 8:44 PM
Updated: Jun 2, 2026, 8:44 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 2.5
exploitability: 3.3
remediation: 0.0
relevance: 9.8
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.