CVE-2025-5307 HIGH

CVE-2025-5307: Santesoft Sante DICOM Viewer Pro Out-of-bounds Read

Vendor Santesoft
Product Sante DICOM Viewer Pro
Weakness CWE-125
Published May 29, 2025
Last update May 30, 2025

CVSS base score

8.4/10
Attack vector Local
Attack complexity Low
Privileges required None
User interaction
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

What the vulnerability does

01Description

Santesoft Sante DICOM Viewer Pro contains a memory corruption vulnerability. A local attacker could exploit this issue to potentially disclose information and to execute arbitrary code on affected installations of Sante DICOM Viewer Pro.

Key dates

02Disclosure timeline

May 29, 2025 CVE published
May 30, 2025 Record updated