Santesoft Releases Security Update for Sante FFT Imaging

The out-of-bounds write vulnerability could lead to arbitrary code execution

Threat ID:: CC-4460
Threat Severity:: Low
Published:: 6 March 2024 11:39 AM

Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

The out-of-bounds write vulnerability could lead to arbitrary code execution

Affected platforms

The following platforms are known to be affected:

Versions: 1.4.1 and earlier

Santesoft Sante FFT Imaging

Threat details

Introduction

Santesoft have released a security update to address an out-of-bounds write vulnerability in Sante FFT Imaging with a CVSSv3 score of 7.8.

Successful exploitation of CVE-2024-1696 could allow a local attacker to perform arbitrary code execution once a user opens a malicious DCM file on affected FFT Imaging installations.

Remediation advice

Affected organisations are encouraged to review CISA advisory ICSMA-24-065-01 and apply the relevant update.

Definitive source of threat updates

CVE Vulnerabilities

Status Reserved

CVE-2024-1696

Last edited: 6 March 2024 11:39 am