VDE-2025-028 | CERT@VDE

2025-08-05 10:00 (CEST) VDE-2025-028

Draeger: ICMHelper is vulnerable to a privilege escalation

Share: Email | Twitter

ID

VDE-2025-028

Published

2025-08-05 10:00 (CEST)

Last update

2025-08-05 08:58 (CEST)

Vendor(s)

Drägerwerk AG & Co. KGaA

Product(s)

Article No°	Product Name	Affected Version(s)
	Draeger ICMHelper	<= 1.4.0.1

Summary

A security vulnerability was identified in the ICMHelper service running on the system of an ICM installation. A low privileged local attacker could exploit this vulnerability to issue OS commands with the highest privileges.

Vulnerabilities

CVE-2025-41698

7.8

Last Update

Aug. 6, 2025, 9:36 a.m.

Severity

7.8 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)

Weakness

Missing Authorization (CWE-862)

Summary

A low privileged local attacker can interact with the affected service although user-interaction should not be allowed.

Details

cert.vde.com

CVE-2025-2810

5.5

Last Update

Aug. 6, 2025, 9:37 a.m.

Severity

5.5 (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)

Weakness

Use of Hard-coded Cryptographic Key (CWE-321)

Summary

A low privileged local attacker can abuse the affected service by using a hardcoded cryptographic key.

Details

cert.vde.com

Impact

The vulnerability CVE-2025-41698 allows an attacker to gain full access to application, sensitive information, client system and server. This requires successful exploitation of CVE-2025-2810.

Solution

Remediation

The issue has been fixed in ICMHelper version 2.0.1.0.

Reported by

CERT@VDE coordinated with Dräger

Dräger thanks to CODE WHITE GmbH for responsible disclosure