CVE-2025-2480
Published: 20 March 2025
Description
An adversary may rely upon a user opening a malicious file in order to gain execution.
Security Summary
Santesoft Sante DICOM Viewer Pro is affected by CVE-2025-2480, an out-of-bounds write vulnerability classified under CWE-787. Published on 2025-03-20, it carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H). The flaw occurs when processing DICOM (DCM) files, allowing potential memory corruption upon opening a specially crafted file.
A local attacker can exploit this vulnerability by tricking a user into opening a malicious DCM file within the Sante DICOM Viewer Pro application. No special privileges are required (PR:N), though local access and user interaction are necessary. Successful exploitation leads to arbitrary code execution with the privileges of the user running the application, resulting in high impacts to confidentiality, integrity, and availability.
Mitigation details are outlined in CISA's ICS Medical Advisory ICSMA-25-079-01 and on the vendor's download page at https://santesoft.com/win/sante-dicom-viewer-pro/download.html, which likely provides access to patched versions.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Out-of-bounds write in DICOM file parser enables arbitrary code execution upon opening a crafted file, directly mapping to client-side exploitation (T1203) triggered by user opening malicious file (T1204.002).