Santesoft Sante DICOM Viewer Pro

Plan: Patch
CVSS: 7.8
ICS-CERT: ICSMA-25-148-01
Date: May 29, 2025
Attack path
Attack Vector: Local
Auth Required: None
Complexity: Low
User Interaction: Required
Summary

Sante DICOM Viewer Pro versions 14.2.1 and earlier contain a buffer over-read vulnerability (CWE-125) in DICOM file parsing that could allow an attacker to disclose sensitive information or execute arbitrary code. The vulnerability requires local access and user interaction to open a malicious DICOM file. Santesoft has released version 14.2.2 to address this issue.

What this means
What could happen
An attacker with local access to a workstation running Sante DICOM Viewer Pro could read sensitive medical imaging data or run arbitrary commands on the system, potentially compromising patient privacy or introducing malware into the clinical network.
Who's at risk
Healthcare IT staff and medical imaging technicians who deploy Sante DICOM Viewer Pro on clinical workstations should prioritize this update. Any organization using this DICOM viewer for radiology, pathology, or cardiology imaging is affected.
How it could be exploited
An attacker would need to trick a user into opening a specially crafted DICOM file in Sante DICOM Viewer Pro. The vulnerability in the file parsing code allows the attacker to read memory or execute code within the viewer application running on the user's workstation.
Prerequisites
  • Local access to a workstation running Sante DICOM Viewer Pro version 14.2.1 or earlier
  • User interaction required to open a malicious DICOM file
  • No special credentials or elevated privileges needed
Tags: Local exploitation required · User interaction needed · Affects medical imaging data handling · No patch available until v14.2.2
Exploitability
Unlikely to be exploited — EPSS score 0.1%
Affected products (1)
Product | Affected Versions | Fix Status
Sante DICOM Viewer Pro | ≤ 14.2.1 | v14.2.2
Remediation & Mitigation
Do now
WORKAROUND: Disable automatic opening of DICOM files from untrusted sources or email attachments in the viewer
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Update Sante DICOM Viewer Pro to version 14.2.2 or later
Long-term hardening
HARDENING: Implement email gateway filtering to block DICOM attachments from external sources
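The two defensive points on this page, rejecting a DICOM element whose declared length runs past the end of the data (the CWE-125 pattern described under "How it could be exploited") and recognising DICOM content at an email gateway regardless of file extension (the hardening item above), can be combined into one pre-open screening check. The script below is an added example written for this advisory; it is not Santesoft's code and does not reproduce the viewer's parser. It relies only on the DICOM Part 10 file layout (128-byte preamble, "DICM" magic, then the File Meta Information group 0002 in explicit VR little endian); the function names and the sample byte strings are constructed for illustration.

```python
import struct

# DICOM Part 10 layout: 128-byte preamble, 4-byte "DICM" magic, then the
# File Meta Information group (0002,xxxx), which the standard requires to be
# encoded as explicit VR little endian. Sample blobs below are constructed.
PREAMBLE_LEN = 128
MAGIC = b"DICM"
META_GROUP = 0x0002
UNDEFINED_LENGTH = 0xFFFFFFFF
# VRs whose explicit-VR header carries 2 reserved bytes and a 4-byte length.
LONG_FORM_VRS = {b"OB", b"OD", b"OF", b"OL", b"OW", b"SQ", b"UC", b"UN", b"UR", b"UT"}


def is_dicom(data: bytes) -> bool:
    """Identify DICOM content by the magic at offset 128, independent of extension."""
    return len(data) >= PREAMBLE_LEN + 4 and data[PREAMBLE_LEN:PREAMBLE_LEN + 4] == MAGIC


def walk_meta_elements(data: bytes):
    """Yield (tag, vr, length, value_offset) for each group-0002 element.

    Every declared length is compared with the bytes actually present before the
    value is touched; a length that runs past the end raises ValueError instead
    of being read blindly (the buffer over-read class, CWE-125).
    """
    end = len(data)
    offset = PREAMBLE_LEN + 4
    while offset < end:
        if end - offset < 8:
            raise ValueError(f"truncated element header at offset {offset}")
        group, element = struct.unpack_from("<HH", data, offset)
        if group != META_GROUP:
            return  # meta group finished; the dataset may use another transfer syntax
        vr = data[offset + 4:offset + 6]
        if vr in LONG_FORM_VRS:
            if end - offset < 12:
                raise ValueError(f"truncated long-form header at offset {offset}")
            (length,) = struct.unpack_from("<I", data, offset + 8)
            value_offset = offset + 12
        else:
            (length,) = struct.unpack_from("<H", data, offset + 6)
            value_offset = offset + 8
        if length == UNDEFINED_LENGTH:
            raise ValueError(f"undefined length not permitted in meta group at offset {offset}")
        if length > end - value_offset:
            raise ValueError(
                f"tag ({group:04X},{element:04X}) declares {length} bytes "
                f"but only {end - value_offset} remain"
            )
        yield (group, element), vr, length, value_offset
        offset = value_offset + length


def check_dicom(data: bytes) -> dict:
    """Classify a blob as not_dicom / ok / malformed for a gateway or pre-open screen."""
    if not is_dicom(data):
        return {"status": "not_dicom", "elements": 0, "reason": "no DICM magic at offset 128"}
    try:
        count = sum(1 for _ in walk_meta_elements(data))
    except ValueError as exc:
        return {"status": "malformed", "elements": 0, "reason": str(exc)}
    return {"status": "ok", "elements": count, "reason": ""}


def _element(group: int, element: int, vr: bytes, value: bytes) -> bytes:
    """Encode one explicit-VR little-endian element (helper for the constructed samples)."""
    header = struct.pack("<HH", group, element) + vr
    if vr in LONG_FORM_VRS:
        return header + b"\x00\x00" + struct.pack("<I", len(value)) + value
    return header + struct.pack("<H", len(value)) + value


# Constructed samples, not taken from any real file.
GOOD_SAMPLE = (
    b"\x00" * PREAMBLE_LEN + MAGIC
    + _element(0x0002, 0x0001, b"OB", b"\x00\x01")                        # file meta version
    + _element(0x0002, 0x0010, b"UI", b"1.2.840.10008.1.2.1\x00")         # transfer syntax UID
    + _element(0x0008, 0x0016, b"UI", b"1.2.840.10008.5.1.4.1.1.2\x00")   # dataset begins
)

# Same layout, but the OB element claims 65536 bytes while only 2 follow.
BAD_SAMPLE = (
    b"\x00" * PREAMBLE_LEN + MAGIC
    + struct.pack("<HH", 0x0002, 0x0001) + b"OB" + b"\x00\x00"
    + struct.pack("<I", 0x10000) + b"\x00\x01"
)

if __name__ == "__main__":
    for name, blob in (("good", GOOD_SAMPLE), ("bad", BAD_SAMPLE), ("pdf", b"%PDF-1.7 not dicom")):
        print(name, check_dicom(blob))
```

Because the check keys on the "DICM" magic rather than a .dcm extension, a gateway rule built on it also catches renamed attachments; the length comparison is the same bounds check a hardened parser performs before every read, so the "malformed" verdict is a useful signal to log even where the file is not blocked outright.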
Santesoft Sante DICOM Viewer Pro | CVSS 7.8 - OTPulse