- What is the severity of CVE-2025-27721?
- CVE-2025-27721 has been scored as a high severity vulnerability.
- How to fix CVE-2025-27721?
- To fix CVE-2025-27721: INFINITT recommends the following mitigations: The latest version of the software (3.0.11.5 BN10 or later) is NOT affected, as it includes default security patches. INFINITT ULite is NOT affected by these vulnerabilities. However, if INFINITT ULite is operating as an integrated system with INFINITT PACS, patching is required to secure the PACS environment. * For CVE-2025-27714 and CVE-2025-24489: Apply the security patch and configure the System Manager settings to restrict unauthorized file uploads. * For CVE-2025-27721: Apply the patch, enforce strong password policies, and enable logging to monitor for unauthorized access attempts. * Network Security Recommendations: Minimize network exposure for PACS servers, ensuring they are not directly accessible from the internet. * Contact Information: Customers requiring additional support should contact INFINITT Security Team. (cybersecurity@infinitt.com)
- Is CVE-2025-27721 being actively exploited in the wild?
- As for now, there are no information to confirm that CVE-2025-27721 is being actively exploited. According to its EPSS score, there is a ~0% probability that this vulnerability will be exploited by malicious actors in the next 30 days.
- What software or system is affected by CVE-2025-27721?
- CVE-2025-27721 affects INFINITT Healthcare INFINITT PACS System Manager.