OTPulse

Santesoft Sante DICOM Viewer Pro

Plan Patch
CVSS: 7.8
ICS-CERT: ICSMA-24-058-01
Date: Feb 27, 2024
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: Required
Summary

Santesoft Sante DICOM Viewer Pro versions 14.0.3 and earlier contain a buffer overflow vulnerability (CWE-125) that could allow an attacker to disclose information and execute arbitrary code on affected installations. The vulnerability requires local access and user interaction (opening a malicious file).

What this means
What could happen
An attacker could execute arbitrary code on a workstation running Sante DICOM Viewer Pro, potentially compromising sensitive medical imaging data or using the workstation as a pivot point into the hospital network.
Who's at risk
Hospitals, imaging centers, and diagnostic facilities that use Sante DICOM Viewer Pro on clinical workstations. This affects administrative and clinical staff who view medical imaging files, particularly those using older versions of the software.
How it could be exploited
An attacker creates a malicious DICOM file and tricks a user into opening it with Sante DICOM Viewer Pro. The buffer overflow in the file parsing code allows the attacker to execute arbitrary commands with the privileges of the user running the viewer.
Prerequisites
  • Local access to a workstation running Sante DICOM Viewer Pro v14.0.3 or earlier
  • User must open a malicious DICOM file (social engineering or file delivery required)
  • No special privileges or credentials needed
  • Local access required
  • User interaction required (file must be opened)
  • Buffer overflow (memory corruption)
  • Affects medical imaging workflows
  • Information disclosure and code execution possible
Exploitability
Low exploit probability (EPSS 0.1%)
Affected products (1)
Product                  Affected Versions   Fix Status
Sante DICOM Viewer Pro   ≤ 14.0.3            14.0.4
Remediation & Mitigation
Do now
WORKAROUND: Do not click links or open attachments in unsolicited emails; implement email security controls and user training to prevent social engineering attacks
HARDENING: Restrict file sharing and DICOM import to trusted sources; validate all DICOM files before opening in the viewer
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Update Sante DICOM Viewer Pro to version 14.0.4 or later
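The HARDENING item asks for DICOM files to be validated before they reach the viewer. The script below is an added example of what such a pre-open check can look like; it is not code from OTPulse, ICS-CERT or Santesoft, and it says nothing about the specific defect in Sante DICOM Viewer Pro. It assumes the standard DICOM Part 10 file layout (128-byte preamble, "DICM" magic, explicit VR little endian meta header) and checks that every element's declared length is covered by bytes actually present in the file, which is the consistency a parser has to enforce before reading a value. The sample files, the Patient's Name value and the `build_sample` helper are constructed for the demonstration.

```python
import struct

# VRs that use the 4-byte length form in explicit VR encoding (DICOM PS3.5)
LONG_VRS = {b"OB", b"OW", b"OF", b"SQ", b"UT", b"UN"}
UNDEFINED_LENGTH = 0xFFFFFFFF
EXPLICIT_VR_LE = b"1.2.840.10008.1.2.1"  # Transfer Syntax UID for explicit VR little endian


def validate_dicom(data: bytes) -> list:
    """Return a list of structural problems found in a DICOM Part 10 byte string.

    Checks the 128-byte preamble and 'DICM' magic, walks the meta header
    (group 0002, always explicit VR little endian) and, if the transfer syntax
    is explicit VR little endian, the data set as well. Each declared element
    length is compared with the bytes remaining in the file, so a file whose
    header promises more data than exists is reported instead of being handed
    to a parser that might read past the buffer. An empty list means no
    problem was found.
    """
    problems = []
    if len(data) < 132:
        return ["file shorter than 128-byte preamble plus 'DICM' magic"]
    if data[128:132] != b"DICM":
        return ["missing 'DICM' magic at offset 128"]

    pos = 132
    transfer_syntax = None
    while pos < len(data):
        remaining = len(data) - pos
        if remaining < 8:
            problems.append(f"{remaining} trailing byte(s) at offset {pos}: too short for an element header")
            break
        group, element = struct.unpack_from("<HH", data, pos)
        if group != 0x0002 and transfer_syntax != EXPLICIT_VR_LE:
            # Data set is not explicit VR LE (or the meta header lacked the UID): stop walking.
            break
        vr = data[pos + 4:pos + 6]
        if vr in LONG_VRS:
            if remaining < 12:
                problems.append(f"truncated 12-byte header for ({group:04X},{element:04X}) at offset {pos}")
                break
            length = struct.unpack_from("<I", data, pos + 8)[0]
            header_len = 12
        elif vr.isalpha() and vr.isupper():
            length = struct.unpack_from("<H", data, pos + 6)[0]
            header_len = 8
        else:
            problems.append(f"invalid VR {vr!r} for ({group:04X},{element:04X}) at offset {pos}")
            break
        if length == UNDEFINED_LENGTH:
            problems.append(f"({group:04X},{element:04X}) uses undefined length; not walked by this checker")
            break
        value_start = pos + header_len
        available = len(data) - value_start
        if length > available:
            # The core check: a declared length larger than the file is the input
            # shape that makes an unchecked parser read beyond its buffer.
            problems.append(f"({group:04X},{element:04X}) declares {length} value bytes but only {available} remain")
            break
        if length % 2:
            problems.append(f"({group:04X},{element:04X}) has odd length {length}")
        if (group, element) == (0x0002, 0x0010):
            transfer_syntax = data[value_start:value_start + length].rstrip(b"\x00")
        pos = value_start + length
    return problems


def _element(group: int, element: int, vr: bytes, value: bytes) -> bytes:
    """Encode one explicit VR little endian element (constructed test helper)."""
    if len(value) % 2:
        value += b"\x00" if vr in (b"UI", b"OB") else b" "
    tag = struct.pack("<HH", group, element)
    if vr in LONG_VRS:
        return tag + vr + b"\x00\x00" + struct.pack("<I", len(value)) + value
    return tag + vr + struct.pack("<H", len(value)) + value


def build_sample(truncate: bool = False) -> bytes:
    """Build a minimal constructed Part 10 file; truncate=True cuts the last value short."""
    meta = _element(0x0002, 0x0010, b"UI", EXPLICIT_VR_LE)          # Transfer Syntax UID
    body = _element(0x0010, 0x0010, b"PN", b"DOE^JANE")             # Patient's Name (constructed)
    data = b"\x00" * 128 + b"DICM" + meta + body
    if truncate:
        # Keep the element header but drop most of its value so the declared
        # length now runs past end-of-file.
        data = data[:-6]
    return data


if __name__ == "__main__":
    for label, sample in (("well-formed", build_sample()), ("truncated", build_sample(truncate=True))):
        print(label, "->", validate_dicom(sample) or "OK")
```

Run it on a real file with `validate_dicom(open(path, "rb").read())` and refuse to import the file if the list is non-empty. The checker stops at the first inconsistency and does not descend into undefined-length sequences; it is a gate in front of the viewer, not a replacement for the viewer's own bounds checking.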