The vulnerability of the DCM files on the medical image and data management system, as well as the Sante PACS Server, allows a perpetrator to trigger a service failure.

🗓️ 13 Mar 2025 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 2 Views

Remote service disruption due to insufficient input validation on DCM files in the medical image system and Sante PACS Server.

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2025-0571	20 Jan 202505:00	–	circl
CNNVD	Santesoft Sante PACS Server 缓冲区错误漏洞	30 Jan 202500:00	–	cnnvd
CVE	CVE-2025-0571	30 Jan 202520:17	–	cve
Cvelist	CVE-2025-0571 Sante PACS Server Web Portal DCM File Parsing Memory Corruption Denial-of-Service Vulnerability	30 Jan 202520:17	–	cvelist
EUVD	EUVD-2025-1768	3 Oct 202520:07	–	euvd
NVD	CVE-2025-0571	30 Jan 202521:15	–	nvd
Positive Technologies	PT-2025-3963 · Sante · Sante Pacs Server Web Portal Dcm	4 Sep 202400:00	–	ptsecurity
Vulnrichment	CVE-2025-0571 Sante PACS Server Web Portal DCM File Parsing Memory Corruption Denial-of-Service Vulnerability	30 Jan 202520:17	–	vulnrichment
Zero Day Initiative	Sante PACS Server Web Portal DCM File Parsing Memory Corruption Denial-of-Service Vulnerability	20 Jan 202500:00	–	zdi

Vulners

Node

santesoft sante_pacs_server_pgRange<4.0.10

Source	Link
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-CAN-25305/
web	www.web.nvd.nist.gov/view/vuln/detail
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-25-051/

13 Mar 2025 00:00Current

6.5Medium risk

Vulners AI Score6.5

CVSS 36.5

CVSS 26.8

EPSS0.00925

medical image system data management system input validation remote disruption sante server