Home > Vulnerabilities
82 views 47 secs 0 comments

CISA Advisory Healthcare INFINITT PACS

In Vulnerabilities
April 12, 2025

Alert Code: ICSMA-25-100-01

EXECUTIVE SUMMARY

  • CVSS v4 8.7
  • ATTENTION: Exploitable remotely/low attack complexity/public exploits are available
  • Vendor: INFINITT Healthcare
  • Equipment: INFINITT PACS
  • Vulnerabilities: Unrestricted Upload of File with Dangerous Type, Exposure of Sensitive System Information to an Unauthorized Control Sphere,

2. RISK EVALUATION

Successful exploitation of these vulnerabilities could allow an attacker to upload malicious files and access unauthorized system resources, resulting in arbitrary code execution or information disclosure.

3. TECHNICAL DETAILS

3.1 AFFECTED PRODUCTS

The following INFINITT Healthcare products are affected:

  • INFINITT PACS System Manager: Versions 3.0.11.5 BN9 and prior

Read more at CISA.

Related Post
CISA warns of SimpleHelp ransomware compromises after string of retail attacks
CISA warns of SimpleHelp ransomware compromises after string of retail attacks
June, 2025
Hackers are using Google.com to deliver malware by bypassing antivirus software. Here’s how to stay safe
June, 2025
Unpatched IT Tool Opens Door – Hackers Breach Billing Software Firm via SimpleHelp RMM
June, 2025
0day for vBulletin: PoC is already online, but no one is installing the patch
June, 2025