OTPulse

Santesoft Sante PACS Server

Plan Patch
CVSS 7.5
ICS-CERT ICSMA-25-224-01
Aug 12, 2025
Attack Vector: Network
Auth Required: None
Complexity: Low
User Interaction: None needed
Summary

Santesoft Sante PACS Server versions prior to 4.2.3 contain multiple vulnerabilities including path traversal (CWE-22), double-free memory corruption (CWE-415), cleartext transmission of sensitive data (CWE-319), and cross-site scripting (CWE-79). Successful exploitation could allow an attacker to create arbitrary files, cause denial-of-service, obtain sensitive information, and steal user session cookies.

What this means
What could happen
An attacker could disrupt medical imaging operations by creating unauthorized files or triggering crashes on the PACS server, and could access or modify patient imaging data and doctor credentials through information disclosure and session hijacking.
Who's at risk
Healthcare facilities using Santesoft Sante PACS Server should care about this vulnerability. PACS servers store and serve medical imaging—disrupting them prevents radiologists and clinicians from accessing patient X-rays, CT scans, and other critical diagnostic images, impacting patient care and surgical planning.
How it could be exploited
An attacker on your network could send crafted HTTP requests to the PACS server to exploit path traversal and write files to arbitrary locations, or trigger memory corruption causing a service crash. Additionally, sensitive data like authentication tokens and credentials are transmitted without encryption, allowing session hijacking attacks if traffic is intercepted.
Prerequisites
  • Network access to the PACS server HTTP/HTTPS port
  • No authentication required for the path traversal and denial-of-service vulnerabilities
  • Ability to intercept network traffic for credential theft (affects devices on the same network or with unencrypted connections)
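A defender-side check for the crafted HTTP requests described above, added here as an example (it is not part of the OTPulse advisory or of Santesoft's product): it scans web-server access-log lines for directory-traversal sequences in the request path, normalizing percent-encoding (including double encoding) and backslashes before matching, and tallies attempts per source address. The log lines, addresses and request paths are constructed for illustration and are not Sante PACS endpoints.

```python
import re
from urllib.parse import unquote

# Constructed sample access-log lines in Apache/NGINX "combined" style.
# Addresses and paths are invented for this example, not real PACS endpoints.
SAMPLE_LOG = """\
10.0.5.21 - - [12/Aug/2025:10:01:02 +0000] "GET /viewer/image?id=12345 HTTP/1.1" 200 8421
10.0.5.99 - - [12/Aug/2025:10:01:07 +0000] "GET /files/..%2F..%2F..%2Fwindows%2Fwin.ini HTTP/1.1" 200 512
10.0.5.99 - - [12/Aug/2025:10:01:09 +0000] "POST /upload?name=....//....//etc/passwd HTTP/1.1" 201 0
10.0.5.21 - - [12/Aug/2025:10:02:15 +0000] "GET /studies/2025/08/report.pdf HTTP/1.1" 200 104833
10.0.5.99 - - [12/Aug/2025:10:02:20 +0000] "GET /files/%252e%252e/%252e%252e/boot.ini HTTP/1.1" 404 0
"""

# Minimal parser for the combined log format: client IP, timestamp, method,
# request target (path plus query string) and HTTP status code.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)


def normalize_path(raw, max_rounds=3):
    """Percent-decode repeatedly (to unwrap double encoding) and fold
    backslashes to forward slashes so one check covers both separators."""
    decoded = raw
    for _ in range(max_rounds):
        nxt = unquote(decoded)
        if nxt == decoded:
            break
        decoded = nxt
    return decoded.replace('\\', '/')


def is_traversal(path):
    """True if the normalized path still contains a parent-directory hop.
    Substring matching (rather than a slash-bounded regex) also catches
    filter-evasion forms such as '....//' that collapse to '../'."""
    return '../' in path or path.endswith('/..')


def find_traversal_attempts(log_text):
    """Return one finding per log line whose request target looks like a
    traversal attempt; the HTTP status is kept so a 2xx response (possible
    success) can be triaged ahead of 4xx (blocked or missing target)."""
    findings = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected format
        decoded = normalize_path(m['path'])
        if is_traversal(decoded):
            findings.append({
                'ip': m['ip'],
                'timestamp': m['ts'],
                'method': m['method'],
                'raw_path': m['path'],
                'decoded_path': decoded,
                'status': int(m['status']),
            })
    return findings


def attempts_per_ip(findings):
    """Count traversal attempts by source address for alert thresholds."""
    counts = {}
    for f in findings:
        counts[f['ip']] = counts.get(f['ip'], 0) + 1
    return counts


if __name__ == '__main__':
    hits = find_traversal_attempts(SAMPLE_LOG)
    for h in hits:
        print(f"{h['timestamp']} {h['ip']} {h['method']} {h['decoded_path']} -> {h['status']}")
    print('per-source counts:', attempts_per_ip(hits))
```

The query string is deliberately kept as part of the inspected target, since traversal payloads often arrive in a parameter rather than the URL path; in a production detector the same normalization would be applied to request bodies and headers before the substring check.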
  • Remotely exploitable
  • No authentication required
  • Low complexity attack
  • Affects healthcare operations
  • Information disclosure risk
  • Denial-of-service capability
  • Sensitive medical data at risk
Exploitability
Moderate exploit probability (EPSS 1.4%)
Affected products (1)
Product | Affected Versions | Fix Status
Sante PACS Server | <4.2.3 | 4.2.3
Remediation & Mitigation
Do now
HARDENING: Restrict network access to the PACS server—limit connectivity to authorized medical workstations and imaging devices only
HARDENING: Place the PACS server behind a firewall and isolate it from the business network if possible
HARDENING: Ensure the PACS server is not accessible from the Internet
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Update Sante PACS Server to version 4.2.3 or later
Long-term hardening
HARDENING: Deploy network segmentation to prevent lateral movement from the business network to the PACS system