CVE-2025-0569
Published: 30 January 2025
Summary
CVE-2025-0569 is a high-severity Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) vulnerability in Santesoft Sante Pacs Server. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190); ranked in the top 17.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-16 (Memory Protection).
Threat & Defense at a Glance
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)AI
Directly requires validation of user-supplied data during DCM file parsing to prevent memory corruption from improper input handling.
Implements memory protections such as address space layout randomization and data execution prevention to mitigate out-of-bounds writes and memory corruption exploits.
Provides vulnerability scanning, flaw identification, and remediation processes to patch the specific DCM parsing memory corruption vulnerability.
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Remote unauthenticated exploitation of memory corruption in public-facing PACS server DCM parser directly enables T1190 for initial access resulting in DoS.
NVD Description
Sante PACS Server DCM File Parsing Memory Corruption Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Sante PACS Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within…
more
the parsing of DCM files. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-25303.
Deeper analysisAI
CVE-2025-0569 is a memory corruption vulnerability in the DCM file parsing component of Sante PACS Server. The flaw arises from insufficient validation of user-supplied data during DCM file processing, leading to a denial-of-service condition. Affected installations of Sante PACS Server are vulnerable, with the issue tracked as ZDI-CAN-25303 and assigned a CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). It maps to CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) and CWE-787 (Out-of-bounds Write).
Remote attackers can exploit this vulnerability without authentication by sending a specially crafted DCM file to the server. Successful exploitation triggers memory corruption, resulting in a denial-of-service condition that disrupts server availability.
The Zero Day Initiative published details in advisory ZDI-25-052, available at https://www.zerodayinitiative.com/advisories/ZDI-25-052/.
Details
- CWE(s)