Cyber Resilience

CVE-2025-2264

HighPublic PoC

Published: 13 March 2025

Published
13 March 2025
Modified
03 April 2025
KEV Added
Patch
CVSS Score v3.1 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
EPSS Score 0.6437 98.5th percentile
Risk Priority 54 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2025-2264 is a high-severity Path Traversal (CWE-22) vulnerability in Santesoft Sante Pacs Server. Its CVSS base score is 7.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Data from Local System (T1005); ranked in the top 1.5% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SI-10 (Information Input Validation).

Deeper analysis

A Path Traversal Information Disclosure vulnerability tracked as CVE-2025-2264 affects Sante PACS Server.exe. The flaw, assigned CWE-22 and carrying a CVSS 3.1 score of 7.5, permits an unauthenticated remote attacker to read arbitrary files from the disk volume on which the application is installed.

An attacker can exploit the issue over the network without credentials or user interaction to retrieve sensitive files stored on the server host. Successful exploitation results in disclosure of confidential data while leaving integrity and availability unaffected.

Public advisories from Tenable at https://www.tenable.com/security/research/tra-2025-08 provide additional technical details on the vulnerability. The associated EPSS score has reached a peak of 0.7152 with a current value of 0.6437.

EU & UK References

Vulnerability details

A Path Traversal Information Disclosure vulnerability exists in "Sante PACS Server.exe". An unauthenticated remote attacker can exploit it to download arbitrary files on the disk drive where the application is installed.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1005 Data from Local System Collection
Adversaries may search local system sources, such as file systems, configuration files, local databases, virtual machine files, or process memory, to find files of interest and sensitive data prior to Exfiltration.
T1083 File and Directory Discovery Discovery
Adversaries may enumerate files and directories or may search in specific locations of a host or network share for certain information within a file system.
T1190 Exploit Public-Facing Application Initial Access
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
Why these techniques?

Path traversal (CVE-2025-2264) enables arbitrary file reads for data collection from local system (T1005) and file/directory discovery (T1083). Vulnerabilities in public-facing Sante PACS Server facilitate exploitation (T1190), including buffer overflow (CVE-2025-2263) for potential RCE.

MITRE ATLAS TechniquesAI

MITRE ATLAS techniques

AML.T0016: Obtain CapabilitiesAML.T0024: Exfiltration via AI Inference API

CVEs Like This One

CVE-2025-0568Same product: Santesoft Sante Pacs Server
CVE-2025-2263Same product: Santesoft Sante Pacs Server
CVE-2025-0569Same product: Santesoft Sante Pacs Server
CVE-2025-0574Same product: Santesoft Sante Pacs Server
CVE-2025-60946Shared CWE-22
CVE-2026-6024Shared CWE-22
CVE-2025-67160Shared CWE-22
CVE-2026-49128Shared CWE-22
CVE-2026-30914Shared CWE-22
CVE-2026-22557Shared CWE-22

Affected Assets

santesoft
sante pacs server
4.1.0

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly prevents path traversal exploitation by validating user-supplied file path inputs to block access to arbitrary files.

prevent

Mitigates the specific CVE by requiring timely identification, reporting, and remediation of the path traversal flaw through patching.

prevent

Enforces access control policies to restrict logical access to system files, preventing unauthorized disclosure via path traversal.

References