CVE-2025-5307

7.8 HIGH

📋 TL;DR

Santesoft Sante DICOM Viewer Pro contains a memory corruption vulnerability (CWE-125, out-of-bounds read) that allows a local attacker to disclose sensitive information and potentially execute arbitrary code. This affects installations of the medical imaging software where the attacker has local access to the system. The vulnerability has a CVSS score of 7.8, indicating high severity.

💻 Affected Systems

Products:
  • Santesoft Sante DICOM Viewer Pro
Versions: Specific affected versions are not given in the CVE description; likely multiple versions prior to the patched release
Operating Systems: Windows (based on download link provided)
Default Config Vulnerable: ⚠️ Yes
Notes: Affects installations where the software is used for viewing medical DICOM images. The vulnerability requires local access to exploit.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system compromise with the attacker gaining full control over the affected system, potentially accessing sensitive medical imaging data and using the system as a foothold for lateral movement.

🟠 Likely Case

Local privilege escalation leading to unauthorized access to medical imaging data stored on the system and potential installation of malware.

🟢 If Mitigated

Limited impact due to proper network segmentation, application whitelisting, and restricted user permissions preventing successful exploitation.

🌐 Internet-Facing: LOW - This is a local attack vector requiring attacker access to the system, not directly exploitable over the internet.
🏢 Internal Only: HIGH - Local attackers (including malicious insiders or compromised accounts) can exploit this vulnerability to gain elevated privileges and access sensitive medical data.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires local access to the system. Memory corruption vulnerabilities typically require some technical sophistication to weaponize effectively.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check vendor advisory for specific patched version

Vendor Advisory: https://www.santesoft.com/win/sante-dicom-viewer-pro/download.html

Restart Required: Yes

Instructions:

1. Visit the Santesoft download page
2. Download the latest version of Sante DICOM Viewer Pro
3. Install the update following vendor instructions
4. Restart the system to ensure changes take effect

🔧 Temporary Workarounds

Restrict Local Access (Windows)

Limit user access to systems running the vulnerable software to only authorized medical personnel

Application Control (Windows)

Implement application whitelisting to prevent unauthorized execution of code

🧯 If You Can't Patch

  • Implement strict network segmentation to isolate systems running the vulnerable software
  • Apply principle of least privilege to user accounts accessing the software

🔍 How to Verify

Check if Vulnerable:

Check the installed version of Sante DICOM Viewer Pro against the vendor's patched version announcement

Check Version:

Check Help > About in Sante DICOM Viewer Pro application or examine installed programs in Windows Control Panel

Verify Fix Applied:

Verify that the software version matches or exceeds the patched version specified by the vendor
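The version check described above can be scripted for fleet-wide inventory. The following PowerShell function is an added example and is not part of the advisory or of Santesoft's software; it reads the Windows uninstall registry keys (the same data the Control Panel "Programs and Features" list shows), finds any Sante DICOM Viewer Pro entry, and compares its DisplayVersion with the patched version you supply. The function name is hypothetical, and the patched version must be taken from the vendor advisory since this page does not state it.

```powershell
# Added example (not vendor code): compare installed Sante DICOM Viewer Pro
# version against the patched version published by the vendor.
function Test-SanteDicomViewerVersion {
    param(
        # PLACEHOLDER: pass the fixed version from the vendor advisory, e.g. '1.2.3'
        [Parameter(Mandatory = $true)][version]$PatchedVersion
    )

    # 64-bit, 32-bit (WOW6432Node) and per-user uninstall entries
    $uninstallKeys = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
    )

    $installs = Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -like '*Sante DICOM Viewer Pro*' }

    if (-not $installs) {
        Write-Output 'Sante DICOM Viewer Pro not found in the uninstall registry keys.'
        return
    }

    foreach ($app in $installs) {
        # Default to UNKNOWN so an unparseable version string is never reported as safe
        $status = 'UNKNOWN (version string not parseable)'
        try {
            $installed = [version]$app.DisplayVersion
            if ($installed -ge $PatchedVersion) {
                $status = 'OK (at or above patched version)'
            } else {
                $status = 'VULNERABLE (below patched version)'
            }
        } catch { }

        [pscustomobject]@{
            Name            = $app.DisplayName
            Version         = $app.DisplayVersion
            Status          = $status
            InstallLocation = $app.InstallLocation
            RegistryKey     = $app.PSPath
        }
    }
}

# Usage (placeholder version; replace with the value from the vendor advisory):
# Test-SanteDicomViewerVersion -PatchedVersion '0.0.0'
```

Because the function defaults to UNKNOWN rather than OK when the DisplayVersion cannot be parsed, a missing or unusual version string is flagged for manual review via Help > About instead of being silently treated as patched.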

📡 Detection & Monitoring

Log Indicators:

  • Unusual process creation from Sante DICOM Viewer Pro
  • Memory access violations in application logs
  • Unexpected network connections originating from the software

Network Indicators:

  • Unexpected outbound connections from systems running the vulnerable software

SIEM Query:

Process Creation where (Parent Process contains 'sante' OR Image contains 'dicom') AND Command Line contains unusual parameters
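The indicators above can be hunted locally on an endpoint with Windows event logs. The following PowerShell function is an added example, not part of the advisory or of any vendor tooling; it assumes Sysmon is installed and logging process creation (Event ID 1) and network connections (Event ID 3) to Microsoft-Windows-Sysmon/Operational, and it also pulls Windows Error Reporting crash events (Application log, Event ID 1000) for the viewer, where exception code 0xc0000005 indicates an access violation. The function name and the 'sante'/'dicom' match patterns are assumptions; tune them to the image paths on your systems.

```powershell
# Added example (not vendor code): surface the log and network indicators from
# the advisory using Sysmon and Windows Error Reporting events.
function Get-SanteDicomActivity {
    param([int]$Hours = 24)

    $start = (Get-Date).AddHours(-$Hours)

    # Flatten a Sysmon event's EventData <Data Name="..."> elements into an object
    function ConvertFrom-SysmonEvent($Event) {
        $fields = @{}
        ([xml]$Event.ToXml()).Event.EventData.Data |
            ForEach-Object { $fields[$_.Name] = $_.'#text' }
        [pscustomobject]$fields
    }

    $sysmon = Get-WinEvent -FilterHashtable @{
        LogName   = 'Microsoft-Windows-Sysmon/Operational'
        Id        = 1, 3
        StartTime = $start
    } -ErrorAction SilentlyContinue

    foreach ($evt in $sysmon) {
        $d = ConvertFrom-SysmonEvent $evt
        switch ($evt.Id) {
            1 {
                # Process creation: child of the viewer, or any image with 'dicom' in its path
                if ($d.ParentImage -match 'sante' -or $d.Image -match 'dicom') {
                    [pscustomobject]@{
                        Time    = $evt.TimeCreated
                        Type    = 'ProcessCreate'
                        Image   = $d.Image
                        Details = "Parent=$($d.ParentImage) CommandLine=$($d.CommandLine)"
                    }
                }
            }
            3 {
                # Outbound connection initiated by the viewer process itself
                if ($d.Image -match 'sante|dicom' -and $d.Initiated -eq 'true') {
                    [pscustomobject]@{
                        Time    = $evt.TimeCreated
                        Type    = 'NetworkConnect'
                        Image   = $d.Image
                        Details = "$($d.Protocol) -> $($d.DestinationIp):$($d.DestinationPort)"
                    }
                }
            }
        }
    }

    # Application crashes recorded by Windows Error Reporting; Properties[0] is the
    # faulting application name and Properties[6] the exception code
    Get-WinEvent -FilterHashtable @{
        LogName      = 'Application'
        ProviderName = 'Application Error'
        Id           = 1000
        StartTime    = $start
    } -ErrorAction SilentlyContinue |
        Where-Object { $_.Properties[0].Value -match 'sante|dicom' } |
        ForEach-Object {
            $code = $_.Properties[6].Value
            $kind = if ($code -eq 'c0000005') { 'access violation' } else { 'exception' }
            [pscustomobject]@{
                Time    = $_.TimeCreated
                Type    = 'AppCrash'
                Image   = $_.Properties[0].Value
                Details = "ExceptionCode=0x$code ($kind)"
            }
        }
}

# Usage: review the last 24 hours, most recent first
# Get-SanteDicomActivity -Hours 24 | Sort-Object Time -Descending | Format-Table -AutoSize
```

Repeated AppCrash rows with exception code 0xc0000005 on a host that also shows unexpected ProcessCreate children of the viewer are the combination worth escalating; an isolated crash while opening a malformed study is far more often a benign file than an attack.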
