CVE-2025-53948

High CVSS: 8.7

The Sante PACS Server allows a remote attacker to crash the main thread by sending a crafted HL7 message, causing a denial-of-service condition. The application would require a manual restart and no authentication is required.

Vendor

Santesoft

Product

Sante Pacs Server

CWE

CWE-415

Yayın Tarihi

2025-08-18 22:15:28

Güncelleme

2025-10-17 17:42:51

Source Identifier

ics-cert@hq.dhs.gov

KEV Date Added

Kategoriler

CWE-415 Sante Pacs Server HIGH Santesoft 2025

Referanslar

https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-224-01

Benzer Kayıtlar

High

CVE-2026-2034

Sante DICOM Viewer Pro DCM File Parsing Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows r…

Critical

CVE-2025-54156

The Sante PACS Server Web Portal sends credential information without encryption.

Medium

CVE-2025-54759

Sante PACS Server is vulnerable to stored cross-site scripting. An attacker could inject malicious HTML codes redirectin…

Medium

CVE-2025-54862

Sante PACS Server web portal is vulnerable to stored cross-site scripting. An attacker could inject malicious HTML codes…

High

CVE-2025-5481

Sante DICOM Viewer Pro DCM File Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability. This vulnerability allo…

High

CVE-2025-5307

Santesoft Sante DICOM Viewer Pro contains a memory corruption vulnerability. A local attacker could exploit this issue t…