- Description: During login to the web server in "Sante PACS Server.exe", OpenSSL function EVP_DecryptUpdate is called to decrypt the username and password. A fixed 0x80-byte stack-based buffer is passed to the function as the output buffer. A stack-based buffer overflow exists if a long encrypted username or password is supplied by an unauthenticated remote attacker.
- Source: vulnreport@tenable.com
- NVD status: Analyzed
CVSS 3.1
- Type: Primary
- Base score: 9.8
- Impact score: 5.9
- Exploitability score: 3.9
- Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity: CRITICAL
- Hype score: Not currently trending
CVE-2025-2263 (CVSS 9.8): Stack Overflow Flaw Threatens Patient Data in PACS Systems A critical stack overflow vulnerability in PACS systems risks exposing sensitive patient data, with a proof-of-concept now public. https://t.co/MRmu9I3fbP #Cybersecurity #Healthcare… https://t.
@adriananglin
19 Mar 2025
🚨 CVE-2025-2263 ⚠️🔴 CRITICAL (9.8) 🏢 Santesoft - Sante PACS Server 🏗️ 4.1.0 🔗 https://t.co/fZ935whhQn #CyberCron #VulnAlert #InfoSec https://t.co/7Zarp9tqmt
@cybercronai
15 Mar 2025
[CVE-2025-2263: CRITICAL] Vulnerability in "Sante PACS Server.exe" allows remote attackers to trigger a stack-based buffer overflow during login. #cybersecurity #cybersecurity, #vulnerability https://t.co/mNQNzuZupk https://t.co/6ic1m01nbB
@CveFindCom
13 Mar 2025
CVE-2025-2263 During login to the web server in "Sante PACS Server.exe", OpenSSL function EVP_DecryptUpdate is called to decrypt the username and password. A fixed 0x80-byte stack-ba… https://t.co/ZJqKkfzdHI
@CVEnew
13 Mar 2025
[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:santesoft:sante_pacs_server:4.1.0:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "94D12F49-C02A-4B31-B215-387260205DB3"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]