Santesoft Sante DICOM Viewer Pro
Plan Patch · 7.8 · ICS-CERT ICSMA-25-079-01 · Mar 20, 2025
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: Required
Summary
Santesoft Sante DICOM Viewer Pro versions 14.1.2 and earlier contain a memory corruption vulnerability (CWE-787) that could allow an attacker to execute arbitrary code on a system running the affected software. The vulnerability requires local access and user interaction (opening a malicious file).
What this means
What could happen
An attacker could cause memory corruption and execute arbitrary code on a workstation running Sante DICOM Viewer Pro, potentially compromising imaging data or gaining control of that system for lateral movement into the hospital or imaging network.
Who's at risk
Healthcare facilities and imaging centers using Sante DICOM Viewer Pro on diagnostic or administrative workstations. This affects any organization that processes, reviews, or archives DICOM medical images, including hospitals, radiology departments, cardiology labs, and picture archiving and communication system (PACS) administrators.
How it could be exploited
An attacker would need to deliver a malicious file (likely a DICOM image or related format) to a user of Sante DICOM Viewer Pro. When the user opens the file in the viewer, the memory corruption flaw is triggered, allowing code execution with the privileges of the application and the logged-in user.
Prerequisites
- Local access to a workstation running Sante DICOM Viewer Pro version 14.1.2 or earlier
- User must open a malicious DICOM or related image file in the viewer
- No administrative privileges or special credentials required
- Requires user interaction (file opening)
- Low complexity exploitation
- Local access only (not remotely exploitable)
- Memory corruption can lead to code execution
- Affects systems handling sensitive medical imaging data
Exploitability
Low exploit probability (EPSS 0.0%)
Affected products (1)
Product: Sante DICOM Viewer Pro
Affected Versions: ≤ 14.1.2
Fix Status: 14.2.0 or later
Remediation & Mitigation
Do now
WORKAROUND: Educate users not to open DICOM files or image attachments from untrusted sources, particularly unsolicited email
WORKAROUND: Implement email filtering to block or quarantine unexpected file attachments
Schedule — requires maintenance window
Patching may require device reboot — plan for process interruption
HOTFIX: Update Sante DICOM Viewer Pro to version 14.2.0 or later
Long-term hardening
HARDENING: Restrict network access to imaging workstations; do not expose DICOM imaging systems directly to the internet or untrusted networks
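Two of the items above (the attachment-filtering workaround and the version gate for the hotfix) can be turned into concrete checks. The following is an added example, not code from the advisory or from Santesoft: it classifies attachments by content using the DICOM Part 10 layout (128-byte preamble followed by the "DICM" marker), so a renamed file is still caught, and compares an installed version numerically against the 14.2.0 fix so that 14.10.x is not mistaken for an affected build. The sample inputs are constructed.

```python
"""Defender helpers: spot DICOM Part 10 attachments regardless of extension
(for mail-gateway quarantine) and decide whether an installed Sante DICOM
Viewer Pro version falls in the affected range (<= 14.1.2)."""
import re

# DICOM Part 10: a 128-byte preamble, then the 4-byte magic "DICM".
DICM_OFFSET = 128
DICM_MAGIC = b"DICM"

# Version boundary taken from the advisory: 14.2.0 or later is fixed.
FIXED_VERSION = "14.2.0"


def is_dicom_part10(data: bytes) -> bool:
    """True if `data` starts like a DICOM Part 10 file. The filename is
    deliberately ignored; a gateway should classify by content."""
    end = DICM_OFFSET + len(DICM_MAGIC)
    return len(data) >= end and data[DICM_OFFSET:end] == DICM_MAGIC


def parse_version(version: str) -> tuple:
    """Turn '14.1.2' into (14, 1, 2) so comparison is numeric rather than
    lexical ('14.10.1' must sort after '14.2.0'). Short versions such as
    '14.2' are padded to three components."""
    parts = [int(p) for p in re.findall(r"\d+", version)]
    if not parts:
        raise ValueError(f"unparseable version: {version!r}")
    parts += [0] * (3 - len(parts))
    return tuple(parts[:3])


def is_affected_version(installed: str) -> bool:
    """True when the installed build predates the fixed release."""
    return parse_version(installed) < parse_version(FIXED_VERSION)


def classify_attachment(filename: str, data: bytes) -> str:
    """Gateway decision: quarantine DICOM content even when the name
    suggests another type; otherwise let the attachment through."""
    if is_dicom_part10(data):
        return f"quarantine: {filename} is a DICOM Part 10 file"
    return f"pass: {filename}"


if __name__ == "__main__":
    # Constructed sample inputs, not real files or real installs.
    dicom_like = b"\x00" * 128 + b"DICM" + b"\x02\x00\x00\x00UL\x04\x00"
    print(classify_attachment("report.pdf", dicom_like))   # renamed DICOM
    print(classify_attachment("scan.dcm", b"%PDF-1.7 ..."))  # not DICOM
    for v in ("14.1.2", "14.2.0", "14.10.1"):
        print(v, "affected" if is_affected_version(v) else "fixed")
```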
CVEs (1)