
Draeger: ICMHelper is vulnerable to a privilege escalation

VDE-2025-028
Last update: 06.01.2026 12:00
Published at: 05.08.2025 12:00
Vendor(s): CERT@VDE
External ID: VDE-2025-028

Summary

A security vulnerability was identified in the ICMHelper service running on the system of an ICM installation.
A low-privileged local attacker could exploit this vulnerability to issue OS commands with the highest privileges.

Impact

The vulnerability CVE-2025-41698 allows an attacker to gain full access to the application, sensitive information, the client system and the server. This requires successful exploitation of CVE-2025-2810.

Affected Product(s)

Model no. Product name Affected versions
Draeger ICMHelper <=1.4.0.1 Draeger ICMHelper <=1.4.0.1

Vulnerabilities


Published: 09.01.2026 09:45
Weakness: Missing Authorization (CWE-862)

Published: 09.01.2026 09:45
Weakness: Use of Hard-coded Cryptographic Key (CWE-321)

Remediation

The issue has been fixed in ICMHelper version 2.0.1.0.

Acknowledgments

CERT@VDE thanks the following parties for their efforts:

  • CERT@VDE for coordination (see https://certvde.com)
  • CODE WHITE GmbH for responsible disclosure

Revision History

Version Date Summary
1.0.0 05.08.2025 12:00 Initial revision.
2.0.0 15.12.2025 12:00 Changes to publisher. Added CPEs as product_identification_helper.
3.0.0 06.01.2026 12:00 fixed version range, fixed Aggregate severity, changed vulnerability Title to CVE description, fix CPE to have at least one for affected products