CVE-2025-2264
Published: 13 March 2025
Summary
CVE-2025-2264 is a high-severity Path Traversal (CWE-22) vulnerability in Santesoft Sante Pacs Server. Its CVSS base score is 7.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Data from Local System (T1005); ranked in the top 1.5% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SI-10 (Information Input Validation).
Deeper analysis
A Path Traversal Information Disclosure vulnerability tracked as CVE-2025-2264 affects Sante PACS Server.exe. The flaw, assigned CWE-22 and carrying a CVSS 3.1 score of 7.5, permits an unauthenticated remote attacker to read arbitrary files from the disk volume on which the application is installed.
An attacker can exploit the issue over the network without credentials or user interaction to retrieve sensitive files stored on the server host. Successful exploitation results in disclosure of confidential data while leaving integrity and availability unaffected.
Public advisories from Tenable at https://www.tenable.com/security/research/tra-2025-08 provide additional technical details on the vulnerability. The associated EPSS score has reached a peak of 0.7152 with a current value of 0.6437.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-6301
Vulnerability details
A Path Traversal Information Disclosure vulnerability exists in "Sante PACS Server.exe". An unauthenticated remote attacker can exploit it to download arbitrary files on the disk drive where the application is installed.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Path traversal (CVE-2025-2264) enables arbitrary file reads for data collection from local system (T1005) and file/directory discovery (T1083). Vulnerabilities in public-facing Sante PACS Server facilitate exploitation (T1190), including buffer overflow (CVE-2025-2263) for potential RCE.
MITRE ATLAS TechniquesAI
MITRE ATLAS techniques
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Directly prevents path traversal exploitation by validating user-supplied file path inputs to block access to arbitrary files.
Mitigates the specific CVE by requiring timely identification, reporting, and remediation of the path traversal flaw through patching.
Enforces access control policies to restrict logical access to system files, preventing unauthorized disclosure via path traversal.