PatchSiren

PatchSiren cyber security CVE debrief

CVE-2025-54759 Santesoft CVE debrief

CVE-2025-54759 affects Santesoft Sante PACS Server and is described as a stored cross-site scripting issue. CISA’s advisory says a malicious actor could inject HTML that redirects a user to a harmful webpage and may steal the user’s cookie. Santesoft’s remediation is to update PACS Server to Version 4.2.3 or later.

Vendor: Santesoft
Product: Sante PACS Server
CVSS: MEDIUM 6.1
CISA KEV: Not listed in stored evidence
Original CVE published: 2025-08-12
Original CVE updated: 2025-08-12
Advisory published: 2025-08-12
Advisory updated: 2025-08-12

Who should care

Organizations running Santesoft Sante PACS Server, especially administrators and users in medical imaging environments, should review and apply the vendor update.

Technical summary

The supplied CISA CSAF advisory identifies a stored cross-site scripting vulnerability in Santesoft Sante PACS Server. The provided CVSS vector is CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N, which indicates a network-reachable issue that needs no privileges, requires user interaction, changes scope (the injected content executes in the victim's browser rather than on the server), and has low confidentiality and integrity impact with no availability impact. CISA’s description states that injected malicious HTML can redirect a user to a malicious webpage and steal cookies. The advisory’s remediation is to update to PACS Server Version 4.2.3 or later.

Defensive priority

Medium. Treat as a priority patch for affected deployments, with faster action if the server is internet-facing or used by many internal users.

Recommended defensive actions

  • Upgrade Sante PACS Server to Version 4.2.3 or later as recommended by Santesoft.
  • Review any pages or fields that accept user-supplied content for stored XSS exposure and verify that input is validated and output is encoded before rendering.
  • Clear session cookies and review authentication/session controls after remediation if abuse is suspected.
  • Use browser and application hardening controls that reduce cookie theft impact, such as secure session handling and least-privilege access.
  • Monitor for suspicious redirects, unexpected HTML content, or user reports of unusual browser behavior in the PACS interface.

Evidence notes

All statements are taken from the supplied CISA CSAF advisory metadata and remediation entry for CVE-2025-54759. The advisory was published and last modified on 2025-08-12T06:00:00.000Z. The source corpus does not mark this CVE as KEV, and no ransomware-campaign linkage is provided.

Official resources

CISA published the advisory for CVE-2025-54759 on 2025-08-12T06:00:00.000Z and the source record shows the same timestamp for modification, indicating the initial public disclosure date in the supplied corpus.