CVE-2025-27714

Summary

An attacker could exploit this vulnerability by uploading arbitrary files via the a specific endpoint, leading to unauthorized remote code execution or system compromise.

Affected Software

VendorProductVersion RangeStatus
INFINITT HealthcareINFINITT PACS System Manager0 <= 3.0.11.5 BN9affected
INFINITT HealthcareINFINITT PACS System Manager3.0.11.5 BN10unaffected

Weaknesses

  • CWE-434: CWE-434

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References