CVE-2025-26469: CWE-732: Incorrect Permission Assignment for Critical Resource in MedDream MedDream PACS Premium

Severity: Critical
Type: Vulnerability
Tags: CVE-2025-26469, cve, cve-2025-26469, cwe-732
Published: Mon Jul 28 2025 (07/28/2025, 13:36:21 UTC)
Source: CVE Database V5
Vendor/Project: MedDream
Product: MedDream PACS Premium

Description

An incorrect default permissions vulnerability exists in the CServerSettings::SetRegistryValues functionality of MedDream PACS Premium 7.3.3.840. A specially crafted application can decrypt credentials stored in a configuration-related registry key. An attacker can execute a malicious script or application to exploit this vulnerability.

AI-Powered Analysis

Last updated: 07/28/2025, 15:17:54 UTC

Technical Analysis

CVE-2025-26469 is a critical security vulnerability identified in MedDream PACS Premium version 7.3.3.840, a medical imaging product widely used for managing and viewing medical images. The vulnerability arises from incorrect default permission assignments in the CServerSettings::SetRegistryValues functionality. Specifically, the issue allows a specially crafted application to decrypt credentials stored within a configuration-related Windows registry key. This registry key contains sensitive authentication data that, if accessed by unauthorized actors, can lead to a full compromise of the affected system. The vulnerability is classified under CWE-732, which pertains to incorrect permission assignment for critical resources, indicating that the permissions set on the registry key are overly permissive or improperly configured, enabling unauthorized access.

Exploitation does not require user interaction or prior authentication, and the attack vector is local (AV:L), meaning the attacker must have local access to the system to execute a malicious script or application that leverages this flaw. The vulnerability impacts confidentiality, integrity, and availability, as attackers can obtain credentials, potentially escalate privileges, and execute arbitrary code or scripts, leading to full system compromise. The CVSS v3.1 base score is 9.3, reflecting its critical severity with high impact on all security aspects and low attack complexity.

No known exploits in the wild have been reported yet, but the vulnerability's nature and severity make it a high-priority risk for organizations using this software. Given that MedDream PACS Premium is a specialized healthcare product, the vulnerability poses significant risks to healthcare providers, potentially exposing sensitive patient data and disrupting critical medical imaging services.

Potential Impact

For European organizations, particularly healthcare providers and medical institutions using MedDream PACS Premium, this vulnerability presents a severe risk. Exploitation could lead to unauthorized disclosure of patient health information, violating GDPR and other data protection regulations, resulting in legal and financial penalties. The ability to decrypt stored credentials and execute malicious code locally could enable attackers to pivot within hospital networks, compromising other critical systems and services. This could disrupt diagnostic workflows, delay patient care, and damage institutional reputation. Furthermore, healthcare infrastructure is often targeted by ransomware and other cyberattacks; this vulnerability could serve as an entry point for such attacks, amplifying operational and safety risks. The critical nature of the vulnerability demands immediate attention to prevent potential breaches that could affect patient safety and data confidentiality across European healthcare systems.

Mitigation Recommendations

1. Immediate application of vendor patches or updates once released is essential; organizations should monitor MedDream's official channels for security updates addressing CVE-2025-26469.
2. Until patches are available, restrict local access to systems running MedDream PACS Premium to trusted personnel only, minimizing the risk of local exploitation.
3. Implement strict access controls and auditing on registry keys related to MedDream PACS configurations to detect and prevent unauthorized access or modifications.
4. Employ endpoint protection solutions capable of detecting and blocking unauthorized script execution or suspicious local applications.
5. Conduct regular security assessments and privilege reviews on systems hosting PACS software to ensure minimal necessary permissions are granted.
6. Educate IT and security staff about this vulnerability to enhance monitoring and incident response readiness.
7. Consider network segmentation to isolate PACS systems from broader hospital networks, limiting lateral movement in case of compromise.
8. Maintain comprehensive backups of critical data and configurations to enable rapid recovery in the event of an incident.
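One way to carry out the registry permission review in recommendation 3, shown as an added example (not code from this page or from MedDream): it lists ACEs that grant value-read access to broad, low-privilege groups, which is the CWE-732 condition described above. The function name `Find-BroadReadAce` is hypothetical, the sample ACL is constructed, and the live key path is a placeholder because the page does not name the key.

```powershell
# Added example: flag registry ACEs that let broad, low-privilege groups read values.
# Well-known SIDs are matched instead of names because group names are localized.
$BroadSids = @{
    'S-1-1-0'      = 'Everyone'
    'S-1-5-11'     = 'Authenticated Users'
    'S-1-5-4'      = 'INTERACTIVE'
    'S-1-5-32-545' = 'BUILTIN\Users'
}

function Find-BroadReadAce {   # hypothetical helper name
    param(
        [Parameter(Mandatory)]
        [System.Security.AccessControl.RegistrySecurity]$Acl
    )
    $sidType = [System.Security.Principal.SecurityIdentifier]
    $query   = [int][System.Security.AccessControl.RegistryRights]::QueryValues
    # Registry ACEs can also carry unmapped generic rights (GENERIC_READ, GENERIC_ALL).
    $generic = 0x80000000 -bor 0x10000000

    # Include both explicit and inherited rules, with identities returned as SIDs.
    foreach ($rule in $Acl.GetAccessRules($true, $true, $sidType)) {
        $sid    = $rule.IdentityReference.Value
        $rights = [int]$rule.RegistryRights
        if ($rule.AccessControlType -ne 'Allow') { continue }
        if (-not $BroadSids.ContainsKey($sid))   { continue }
        if (($rights -band ($query -bor $generic)) -eq 0) { continue }
        [pscustomobject]@{
            Principal   = $BroadSids[$sid]
            Sid         = $sid
            Rights      = $rule.RegistryRights
            Inherited   = $rule.IsInherited
            Propagation = $rule.PropagationFlags   # InheritOnly = applies to subkeys only
        }
    }
}

# Constructed sample ACL (not taken from the product): SYSTEM and Administrators
# get full control, BUILTIN\Users gets KEY_READ.
$sample = New-Object System.Security.AccessControl.RegistrySecurity
$sample.SetSecurityDescriptorSddlForm('D:(A;;KA;;;SY)(A;;KA;;;BA)(A;;KR;;;BU)')
Find-BroadReadAce -Acl $sample | Format-Table -AutoSize

# Against a live system, substitute the real configuration key for the placeholder:
# Find-BroadReadAce -Acl (Get-Acl -Path 'HKLM:\SOFTWARE\<key-path-placeholder>')
```

Any row returned for the product's configuration key is a candidate for tightening to the service account and administrators only, after confirming which identity the PACS service runs as.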

Technical Details

Data Version: 5.1
Assigner Short Name: talos
Date Reserved: 2025-02-28T14:06:03.063Z
CVSS Version: 3.1
State: PUBLISHED

Threat ID: 6887910fad5a09ad0084b289

Added to database: 7/28/2025, 3:02:39 PM

Last enriched: 7/28/2025, 3:17:54 PM

Last updated: 7/29/2025, 12:34:54 AM
