CVE-2025-35032

Summary

Medical Informatics Engineering Enterprise Health allows authenticated users to upload arbitrary files. The impact of this behavior depends on how files are accessed. This issue is fixed as of 2025-04-08.

Affected Software

VendorProductVersion RangeStatus
Medical Informatics EngineeringEnterprise Health0 < 2025-04-08affected
Medical Informatics EngineeringEnterprise Health2025-04-08unaffected

Weaknesses

  • CWE-434: CWE-434 Unrestricted Upload of File with Dangerous Type

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References