CVE-2021-4479 MEDIUM

CVE-2021-4479: Dräger Atlan A350 1.00 <= 1.01 DoS via Medibus Interface

Vendor Dräger
Product Atlan A350
Weakness CWE-1286
Published June 2, 2026
Last update June 10, 2026

CVSS base score

6.3/10
Attack vector Network
Attack complexity High
Privileges required None
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:L

What the vulnerability does

01Description

Dräger Atlan A350 versions 1.00 up to and including 1.01 contains an improper input handling vulnerability that allows attackers to cause a denial of service by sending specifically crafted non-Medibus-compliant data through the Medibus interface. Attackers can transmit malformed data to overload the internal processor, gradually disrupting device operation over several hours and causing loss of data transmission, delayed display of real-time curves, and deviation between displayed airway pressure values and screen curves.

Key dates

02Disclosure timeline

June 2, 2026 CVE published
June 10, 2026 Record updated