CVE-2025-0574
Published: 30 January 2025
Summary
CVE-2025-0574 is a high-severity Improper Restriction of Operations within the Bounds of a Memory Buffer (CWE-119) vulnerability in Santesoft Sante Pacs Server. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks in the top 22.5% of CVEs by exploit likelihood and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SC-5 (Denial-of-service Protection) and SI-10 (Information Input Validation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5)
SI-10 directly enforces validation of user-supplied URL inputs in the web server module, preventing memory corruption from malformed data.
SC-5 protects against denial-of-service events like the memory corruption crash triggered by unauthenticated remote URL requests.
SI-16 implements memory safeguards such as bounds checking or protections against out-of-bounds writes during URL parsing.
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Remote, unauthenticated memory corruption in a public-facing web server module directly enables T1190 exploitation, resulting in endpoint DoS (T1499).
NVD Description
Sante PACS Server URL path Memory Corruption Denial-of-Service Vulnerability. This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of Sante PACS Server. Authentication is not required to exploit this vulnerability. The specific flaw exists within the parsing of URLs in the web server module. The issue results from the lack of proper validation of user-supplied data, which can result in a memory corruption condition. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Was ZDI-CAN-25318.
Deeper analysis
CVE-2025-0574 is a memory corruption vulnerability affecting Sante PACS Server installations. The flaw exists in the web server module during parsing of URLs, stemming from insufficient validation of user-supplied data, which can lead to a denial-of-service condition. No authentication is required to trigger the issue. It was previously tracked as ZDI-CAN-25318, and its associated CWEs are CWE-119 (Improper Restriction of Operations within the Bounds of a Memory Buffer) and CWE-787 (Out-of-bounds Write).
Remote, unauthenticated attackers can exploit this vulnerability over the network with low complexity and no user interaction. By sending malformed URL requests, an attacker can induce memory corruption, resulting in a denial-of-service condition that disrupts availability on the targeted system. The CVSS v3.1 base score of 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H) reflects a high impact on availability with no impact on confidentiality or integrity.
The Zero Day Initiative advisory ZDI-25-055 provides details on this vulnerability, published on 2025-01-30.
Details
- CWE(s)