CVE-2025-5307

Santesoft Sante DICOM Viewer Pro contains a memory corruption vulnerability. A local attacker could exploit this issue to potentially disclose information and to execute arbitrary code on affected installations of Sante DICOM Viewer Pro.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.8 HIGH
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
icscertCNA
7.8 HIGH
LOCAL
LOW
NONE
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 6%
VendorProductVersion
santesoftdicom_viewer_pro
𝑥
< 14.2.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-148-01
https://www.santesoft.com/win/sante-dicom-viewer-pro/download.html