Santesoft’s Sante DICOM Viewer Pro confronts a grave security flaw with a CVSS v3 score of 7.8, stemming from an Out-of-Bounds Read vulnerability. Versions 14.0.3 and earlier are susceptible, potentially allowing a local attacker to access sensitive data or execute arbitrary code through a malicious DICOM file. Given its widespread deployment in healthcare and public health sectors globally, immediate action is imperative. Santesoft promptly released version 14.0.4 as a remedy, emphasizing the urgency of updating to mitigate risks. CISA reinforces this urgency, advising users to remain vigilant against social engineering tactics and exercise caution with unsolicited email attachments or links. Proactive measures, including thorough risk assessments, are crucial to safeguarding critical infrastructure from cyber threats.
As Santesoft addresses the vulnerability in Sante DICOM Viewer Pro, users are urged to take swift action to protect their systems. The vulnerability, identified as an Out-of-Bounds Read issue, poses significant risks, potentially enabling attackers to exploit sensitive information or execute arbitrary code. With versions 14.0.3 and earlier at risk, users must update to the latest version, 14.0.4, to mitigate these threats effectively. CISA underscores the importance of remaining vigilant against social engineering attacks, recommending users to exercise caution when handling email attachments or links. By implementing proactive security measures and promptly updating software, organizations can enhance their defenses against cyber threats and safeguard critical assets from exploitation.
