CVE-2024-1453

7.8 HIGH

📋 TL;DR

This vulnerability in Sante DICOM Viewer Pro allows attackers to execute arbitrary code or disclose information by tricking users into opening malicious DICOM files. It affects healthcare and medical imaging environments using versions 14.0.3 and earlier. The attack requires local access or user interaction with malicious files.

💻 Affected Systems

Products:
  • Sante DICOM Viewer Pro
Versions: 14.0.3 and prior
Operating Systems: Windows, Linux, macOS (if supported)
Default Config Vulnerable: ⚠️ Yes
Notes: The vulnerability exists in the default installation; exploitation requires the user to open a malicious DICOM file.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete system compromise through arbitrary code execution, potentially leading to data theft, ransomware deployment, or lateral movement within medical networks.

🟠

Likely Case

Information disclosure from medical imaging systems or limited code execution in user context, potentially exposing patient data or disrupting medical workflows.

🟢

If Mitigated

No impact if proper security controls prevent execution of malicious files or if software is patched/isolated.

🌐 Internet-Facing: LOW - The attack requires user interaction with malicious files and is not directly exploitable over the internet.
🏢 Internal Only: HIGH - Medical environments often have sensitive data and limited security controls; insider threats or phishing could deliver malicious files.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires user interaction (opening a malicious file), but the technical complexity appears low given the CWE-125 (out-of-bounds read) classification.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 14.0.4 or later (check vendor advisory)

Vendor Advisory: https://www.santesoft.com/security (check for specific advisory)

Restart Required: Yes

Instructions:

1. Download the latest version from the Sante website.
2. Back up configuration files.
3. Uninstall the current version.
4. Install the updated version.
5. Restart the system.

🔧 Temporary Workarounds

Restrict DICOM file sources (applies to: all)

Only allow DICOM files from trusted sources and implement file validation.

User training and awareness (applies to: all)

Train medical staff to only open DICOM files from trusted medical sources.

🧯 If You Can't Patch

  • Isolate Sante DICOM Viewer systems from network and restrict to essential users only
  • Implement application whitelisting to prevent execution of unauthorized code

🔍 How to Verify

Check if Vulnerable:

Check Help > About in Sante DICOM Viewer Pro; if the version is 14.0.3 or earlier, the installation is vulnerable.

Check Version:

Not applicable - check via application GUI Help > About

Verify Fix Applied:

Verify version is 14.0.4 or later in Help > About menu

📡 Detection & Monitoring

Log Indicators:

  • Unexpected process execution from Sante DICOM Viewer
  • Multiple failed file parsing attempts
  • Unusual network connections from viewer process

Network Indicators:

  • Outbound connections to suspicious IPs from viewer process
  • Unexpected data exfiltration patterns

SIEM Query:

process_name:"SanteDICOMViewer.exe" AND (parent_process:explorer.exe OR cmdline:*dcm*)
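The log and network indicators above can be checked programmatically against endpoint telemetry. The following is an added example, not part of the original advisory or the vendor's tooling: it scans constructed Sysmon-style process-creation and network-connection events and flags (a) child processes spawned by the viewer and (b) viewer connections to anything other than a known PACS endpoint. The viewer binary name, the expected-child set and the PACS address are assumptions to be tuned per site.

```python
import ntpath

VIEWER_IMAGE = "santedicomviewer.exe"      # assumed binary name; confirm on a real install
EXPECTED_CHILDREN = {"werfault.exe"}       # assumed benign child (Windows crash reporter)
KNOWN_PACS = {("10.0.5.20", 104)}          # constructed PACS endpoint (DICOM port 104)


def basename(path):
    """Normalise a Windows image path to its lowercase file name."""
    return ntpath.basename(path).lower()


def analyze(events):
    """Return a list of findings for suspicious viewer-related activity."""
    findings = []
    for ev in events:
        image = basename(ev.get("image", ""))
        if ev["event"] == "process_create":
            parent = basename(ev.get("parent_image", ""))
            # Indicator 1: the viewer spawned a child it normally never spawns.
            if parent == VIEWER_IMAGE and image not in EXPECTED_CHILDREN:
                findings.append({"rule": "viewer_spawned_child", "child": image,
                                 "cmdline": ev.get("cmdline", "")})
        elif ev["event"] == "network_connect" and image == VIEWER_IMAGE:
            dest = (ev.get("dest_ip"), ev.get("dest_port"))
            # Indicator 2: the viewer connected somewhere other than the known PACS.
            if dest not in KNOWN_PACS:
                findings.append({"rule": "viewer_unexpected_network", "dest": dest})
    return findings


SAMPLE_EVENTS = [  # constructed Sysmon-style events, not real telemetry
    {"event": "process_create", "image": r"C:\Program Files\Sante\SanteDICOMViewer.exe",
     "parent_image": r"C:\Windows\explorer.exe",
     "cmdline": r'"SanteDICOMViewer.exe" D:\studies\ct01.dcm'},      # normal launch
    {"event": "network_connect", "image": r"C:\Program Files\Sante\SanteDICOMViewer.exe",
     "dest_ip": "10.0.5.20", "dest_port": 104},                       # normal PACS query
    {"event": "process_create", "image": r"C:\Windows\System32\cmd.exe",
     "parent_image": r"C:\Program Files\Sante\SanteDICOMViewer.exe",
     "cmdline": "cmd.exe /c whoami"},                                 # flagged
    {"event": "network_connect", "image": r"C:\Program Files\Sante\SanteDICOMViewer.exe",
     "dest_ip": "203.0.113.9", "dest_port": 443},                     # flagged
]

if __name__ == "__main__":
    for finding in analyze(SAMPLE_EVENTS):
        print(finding)
```

Fed with real Sysmon Event ID 1 and Event ID 3 records mapped to the same field names, the two rules produce far fewer false positives than matching on every viewer launch from Explorer.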

🔗 References
