CVE-2025-26469: CWE-732: Incorrect Permission Assignment for Critical Resource in MedDream MedDream PACS Premium
An incorrect default permissions vulnerability exists in the CServerSettings::SetRegistryValues functionality of MedDream PACS Premium 7.3.3.840. A specially crafted application can decrypt credentials stored in a configuration-related registry key. An attacker can execute a malicious script or application to exploit this vulnerability.
AI Analysis
Technical Summary
CVE-2025-26469 is a critical security vulnerability identified in MedDream PACS Premium version 7.3.3.840, specifically within the CServerSettings::SetRegistryValues function. The vulnerability arises from incorrect default permissions assigned to a registry key that stores configuration-related credentials. Due to these improper permissions, a local attacker can access and decrypt sensitive credentials without requiring authentication or user interaction. Exploitation involves running a malicious script or application on the affected system, and the recovered credentials can potentially lead to full system compromise. The vulnerability is classified under CWE-732 (Incorrect Permission Assignment for Critical Resource), indicating a fundamental flaw in access control design. The CVSS v3.1 base score is 9.3 (critical), reflecting high impact on confidentiality, integrity, and availability, with low attack complexity and no privileges or user interaction required. Although no known exploits are currently in the wild, the vulnerability's nature makes it a prime target for attackers aiming to gain unauthorized access to medical imaging systems. MedDream PACS Premium is widely used in healthcare environments for managing and storing medical images, making the confidentiality and integrity of stored credentials critical for patient data protection and system reliability. Exploitation could lead to unauthorized data access, manipulation of medical images, disruption of healthcare services, and potential violations of data protection regulations.
Potential Impact
The impact of CVE-2025-26469 on European organizations, particularly healthcare providers, is significant. MedDream PACS Premium is a critical component in medical imaging workflows, and unauthorized access to stored credentials can lead to full system compromise. This could result in exposure of sensitive patient data, alteration or deletion of medical images, and disruption of diagnostic services, directly affecting patient care quality and safety. Additionally, compromised systems may be leveraged for lateral movement within hospital networks, increasing the risk of broader ransomware or data breach incidents. The breach of confidentiality and integrity of medical data also poses compliance risks under GDPR and other European data protection laws, potentially leading to legal and financial penalties. Given the criticality of healthcare infrastructure, such vulnerabilities can undermine trust in digital health services and cause operational downtime with cascading effects on healthcare delivery.
Mitigation Recommendations
To mitigate CVE-2025-26469, European healthcare organizations should immediately verify and restrict permissions on the affected registry keys to ensure only authorized system processes and administrators have access. Applying vendor patches or updates as soon as they become available is essential. In the absence of patches, organizations should implement compensating controls such as application whitelisting to prevent execution of unauthorized scripts or applications. Network segmentation should be enforced to limit access to PACS servers, and robust monitoring should be deployed to detect anomalous access patterns or privilege escalations. Regular audits of system permissions and credential storage practices are recommended to identify and remediate similar misconfigurations. Additionally, organizations should enforce strict endpoint security policies and educate staff about the risks of local exploitation. Incident response plans should be updated to address potential exploitation scenarios involving PACS systems.
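One way to carry out the registry permission check recommended above, as an added PowerShell example (not from the vendor or the original advisory): it lists the allow entries on a registry key's DACL that grant access to broad local groups. The function name `Get-BroadRegistryAccess` and the key path are assumptions, since the page does not name the affected key.

```powershell
# Added example: audit a registry key's DACL for access granted to broad principals.
# The key path at the bottom is a placeholder; the advisory does not name the affected key.
function Get-BroadRegistryAccess {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)]
        [string]$KeyPath
    )

    # Well-known SIDs (locale-independent) for groups that include unprivileged local users.
    $broadSids = @{
        'S-1-1-0'      = 'Everyone'
        'S-1-5-11'     = 'Authenticated Users'
        'S-1-5-4'      = 'INTERACTIVE'
        'S-1-5-32-545' = 'BUILTIN\Users'
    }

    if (-not (Test-Path -LiteralPath $KeyPath)) {
        Write-Warning "Key not found: $KeyPath"
        return
    }

    $acl = Get-Acl -LiteralPath $KeyPath

    # Ask for identities as SIDs so the comparison does not depend on display names.
    $rules = $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])

    foreach ($ace in $rules) {
        $sid = $ace.IdentityReference.Value
        if ($ace.AccessControlType -eq 'Allow' -and $broadSids.ContainsKey($sid)) {
            # Emit one row per broad-principal ACE, including whether it was inherited.
            [pscustomobject]@{
                Key       = $KeyPath
                Principal = $broadSids[$sid]
                Rights    = $ace.RegistryRights
                Inherited = $ace.IsInherited
            }
        }
    }
}

# Placeholder path: substitute the settings key the product uses on your PACS server.
$key = 'HKLM:\SOFTWARE\<vendor>\<product-settings-key>'
Get-BroadRegistryAccess -KeyPath $key | Format-Table -AutoSize
```

Any row returned for a key that holds credentials means unprivileged local accounts can reach it; rows marked as inherited point to a parent key whose permissions need review as well.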
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Sweden
Technical Details
- Data Version: 5.1
- Assigner Short Name: talos
- Date Reserved: 2025-02-28T14:06:03.063Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 6887910fad5a09ad0084b289
Added to database: 7/28/2025, 3:02:39 PM
Last enriched: 11/4/2025, 2:25:34 AM
Last updated: 12/8/2025, 11:42:50 AM