ICSMA-25-224-01 · Published 2025-08-12 · View on CISA ICS-CERT ↗

Santesoft Sante PACS Server

CVSS 7.5 HIGH

Risk Summary

Successful exploitation of these vulnerabilities could allow an attacker to create arbitrary files, cause a denial-of-service condition, obtain sensitive information, and steal a user's cookie information.

CVEs (5)

CVE-2025-0572 CVE-2025-53948 CVE-2025-54156 CVE-2025-54862 CVE-2025-54759

Remediations

Santesoft recommends users update PACS Server to Version 4.2.3 or later.

Affected Vendors

Santesoft

Affected Products (1)

Santesoft · Sante PACS Server <4.2.3

Affected Sectors

Healthcare and Public Health

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more