- What is the severity of CVE-2025-27714?
- CVE-2025-27714 has been scored as a medium severity vulnerability.
- How to fix CVE-2025-27714?
- To fix CVE-2025-27714: INFINITT recommends the following mitigations: The latest version of the software (3.0.11.5 BN10 or later) is NOT affected, as it includes default security patches. INFINITT ULite is NOT affected by these vulnerabilities. However, if INFINITT ULite is operating as an integrated system with INFINITT PACS, patching is required to secure the PACS environment. * Apply the security patch and configure the System Manager settings to restrict unauthorized file uploads. * Network Security Recommendations: Minimize network exposure for PACS servers, ensuring they are not directly accessible from the internet. * Contact Information: Customers requiring additional support should contact INFINITT Security Team. (cybersecurity@infinitt.com)
- Is CVE-2025-27714 being actively exploited in the wild?
- As for now, there are no information to confirm that CVE-2025-27714 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
- What software or system is affected by CVE-2025-27714?
- CVE-2025-27714 affects INFINITT Healthcare INFINITT PACS System Manager.