Draeger: ICMHelper is vulnerable to a privilege escalation

VDE-2025-028

Last update

05.08.2025 12:00

Published at

05.08.2025 12:00

Vendor(s)

Drägerwerk AG & Co. KGaA

External ID

VDE-2025-028

CSAF Document

Download

Summary

A security vulnerability was identified in the ICMHelper service running on the system of an ICM installation.
A low privileged local attacker could exploit this vulnerability to issue OS commands with the highest privileges.

Impact

The vulnerability CVE-2025-41698 allows an attacker to gain full access to application, sensitive information, client system and server. This requires successful exploitation of CVE-2025-2810.

Affected Product(s)

Model no.	Product name	Affected versions
	Draeger ICMHelper <=1.4.0.1	Draeger ICMHelper <=1.4.0.1

Vulnerabilities

Expand / Collapse all

Published

24.09.2025 12:42

Severity

7.8 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Weakness

Missing Authorization (CWE-862)

Summary

A low privileged local attacker can interact with the affected service although user-interaction should not be allowed.

References

cve.org | nvd.nist.gov

Published

24.09.2025 12:42

Severity

5.5 CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Weakness

Use of Hard-coded Cryptographic Key (CWE-321)

Summary

A low privileged local attacker can abuse the affected service by using a hardcoded cryptographic key.

References

cve.org | nvd.nist.gov

Remediation

The issue has been fixed in ICMHelper version 2.0.1.0.

Acknowledgments

Drägerwerk AG & Co. KGaA thanks the following parties for their efforts:

CERT@VDE for coordination (see https://certvde.com )
CODE WHITE GmbH for responsible disclosure

Revision History

Version	Date	Summary
1	05.08.2025 12:00	Initial revision.

Draeger: ICMHelper is vulnerable to a privilege escalation

Summary

Impact

Affected Product(s)

Vulnerabilities

CVE-2025-41698 7.8

CVE-2025-2810 5.5

Remediation

Acknowledgments

Revision History