CVE-2025-27721
📋 TL;DR
Unauthorized users can bypass authentication in INFINITT PACS System Manager, allowing access to system resources without proper credentials. This affects healthcare organizations using INFINITT PACS systems for medical imaging management.
💻 Affected Systems
- INFINITT PACS System Manager
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
Attackers gain full administrative control over medical imaging systems, potentially accessing, modifying, or deleting patient medical images and sensitive healthcare data.
Likely Case
Unauthorized access to patient medical records, imaging data, and system configuration settings, potentially leading to data breaches and HIPAA violations.
If Mitigated
Limited access to non-critical system components with proper network segmentation and access controls in place.
🎯 Exploit Status
Authentication bypass vulnerabilities typically require minimal technical skill to exploit once discovered.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Not specified in CISA advisory; contact vendor for specific patched version
Vendor Advisory: https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-100-01
Restart Required: Yes
Instructions:
1. Contact INFINITT Healthcare for latest security patches. 2. Apply vendor-provided patches following healthcare IT change management procedures. 3. Restart affected systems as required. 4. Verify patch application through testing.
🔧 Temporary Workarounds
Network Segmentation
allIsolate PACS systems from untrusted networks and implement strict firewall rules
Access Control Lists
allImplement strict IP-based access controls to limit connections to authorized sources only
🧯 If You Can't Patch
- Implement network segmentation to isolate PACS systems from general network traffic
- Deploy multi-factor authentication and strict access controls for all PACS system access
🔍 How to Verify
Check if Vulnerable:
Check system version against vendor's patched version list; test authentication bypass attempts in controlled environmentCheck Version:
Check through INFINITT PACS administration interface or contact vendor supportVerify Fix Applied:
Verify patch installation through vendor documentation and test authentication mechanisms post-patch📡 Detection & Monitoring
Log Indicators:
- Failed authentication attempts followed by successful access
- Access from unauthorized IP addresses
- Unusual access patterns to PACS system
Network Indicators:
- Unauthorized access attempts to PACS management ports
- Traffic patterns indicating authentication bypass
SIEM Query:
source="pacs-system" AND (event_type="auth_failure" AND event_type="auth_success" within 5s) OR (src_ip NOT IN authorized_ips AND dest_port=management_port)