CVE-2025-30040: CWE-306 Missing Authentication for Critical Function in CGM CGM CLININET

Critical
Published: Wed Aug 27 2025 (08/27/2025, 10:21:17 UTC)
Source: CVE Database V5
Vendor/Project: CGM
Product: CGM CLININET

Description

The vulnerability allows unauthenticated users to download a file containing session ID data by directly accessing the "/cgi-bin/CliniNET.prd/utils/userlogxls.pl" endpoint.

AI-Powered Analysis

Last updated: 08/27/2025, 10:49:07 UTC

Technical Analysis

CVE-2025-30040 is a critical vulnerability in the CGM CLININET product developed by CGM. It is classified under CWE-306, missing authentication for a critical function: the endpoint "/cgi-bin/CliniNET.prd/utils/userlogxls.pl" can be accessed directly without any authentication check, and an unauthenticated user who requests it can download a file containing session ID data.

Session IDs are sensitive tokens used to maintain authenticated sessions between users and the application. Exposure of these tokens can lead to session hijacking, allowing attackers to impersonate legitimate users and potentially gain unauthorized access to sensitive patient data or administrative functions within the healthcare system.

The vulnerability has a CVSS 4.0 base score of 9, indicating a critical severity level. The vector details give the attack vector as Adjacent Network, with low attack complexity, no privileges required, and no user interaction needed. The impact on confidentiality, integrity, and availability is high, and the scope is changed, meaning exploitation can affect resources beyond the initially vulnerable component. Although no known exploits are currently reported in the wild, the nature of the vulnerability and the criticality of the exposed data make it a significant risk.

CGM CLININET is a clinical information system widely used in healthcare environments to manage patient data and clinical workflows. The exposure of session IDs can lead to unauthorized access to patient records, modification of clinical data, and disruption of healthcare services, which can have severe consequences for patient safety and privacy.

Potential Impact

For European organizations, particularly healthcare providers using CGM CLININET, this vulnerability poses a severe risk. Unauthorized access to session IDs can lead to session hijacking, allowing attackers to bypass authentication and access sensitive patient information. This compromises patient confidentiality and violates data protection regulations such as the EU's GDPR, potentially resulting in significant legal and financial penalties. Furthermore, attackers could alter clinical data, impacting the integrity of patient records and potentially leading to incorrect medical decisions. Availability may also be affected if attackers disrupt system operations or cause denial of service through unauthorized access. Given the critical role of healthcare IT systems, exploitation could undermine trust in healthcare providers and disrupt essential medical services across Europe.

Mitigation Recommendations

To mitigate this vulnerability, organizations should immediately restrict access to the "/cgi-bin/CliniNET.prd/utils/userlogxls.pl" endpoint by implementing proper authentication and authorization controls. This includes enforcing strong access control mechanisms such as multi-factor authentication for accessing sensitive endpoints. Network segmentation should be applied to limit access to the CGM CLININET system only to trusted internal networks and authorized personnel. Monitoring and logging access to this endpoint should be enhanced to detect any unauthorized attempts. Since no patch links are currently available, organizations should engage with CGM for urgent security updates or workarounds. Additionally, session management practices should be reviewed and strengthened, including session expiration and token invalidation upon logout. Conducting a thorough security audit of the CGM CLININET deployment and applying compensating controls such as Web Application Firewalls (WAF) to block unauthorized requests to the vulnerable endpoint is recommended until a patch is released.
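The monitoring step above can be run against existing web server logs. The following is an added example, not vendor or CERT code: it assumes access logs in common/combined log format and a constructed trusted network range, and it flags every request to the endpoint together with whether the file was actually served.

```python
import ipaddress
import posixpath
import re
from urllib.parse import unquote

# Endpoint path from the advisory; compared lowercased to over-match, not miss.
ENDPOINT = "/cgi-bin/clininet.prd/utils/userlogxls.pl"
# Assumption: the networks allowed to reach the application (constructed value).
TRUSTED_NETS = [ipaddress.ip_network("10.20.0.0/24")]
# Assumption: common/combined access log format.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) (?P<size>\d+|-)')

def normalize(target):
    """Drop the query, decode %xx, collapse '//' and './' so variants still match."""
    path = re.sub(r"/+", "/", unquote(target.split("?", 1)[0]))
    return posixpath.normpath(path).lower()

def is_trusted(ip):
    try:
        return any(ipaddress.ip_address(ip) in net for net in TRUSTED_NETS)
    except ValueError:  # hostname or garbage in the client field
        return False

def find_endpoint_hits(lines):
    """Return one finding per logged request to the endpoint, with a triage verdict."""
    findings = []
    for line in lines:
        m = LINE_RE.match(line)
        if not m or normalize(m["target"]) != ENDPOINT:
            continue
        size = 0 if m["size"] == "-" else int(m["size"])
        if is_trusted(m["ip"]):
            verdict = "review"             # expected network, still worth a look
        elif m["status"] == "200" and size > 0:
            verdict = "exposed"            # file served: treat listed sessions as compromised
        else:
            verdict = "denied-or-failed"   # a control answered, or the request errored
        findings.append({"ip": m["ip"], "time": m["ts"],
                         "status": int(m["status"]), "bytes": size, "verdict": verdict})
    return findings

# Constructed sample lines (documentation address ranges), not real traffic.
SAMPLE_LOG = [
    '10.20.0.15 - - [27/Aug/2025:10:01:02 +0000] "GET /cgi-bin/CliniNET.prd/utils/userlogxls.pl HTTP/1.1" 200 18432',
    '192.0.2.44 - - [27/Aug/2025:10:05:40 +0000] "GET /cgi-bin/CliniNET.prd/utils/userlogxls.pl HTTP/1.1" 200 18432',
    '192.0.2.44 - - [27/Aug/2025:10:09:11 +0000] "GET /cgi-bin/CliniNET.prd/utils/%75serlogxls.pl?x=1 HTTP/1.1" 403 199',
    '198.51.100.7 - - [27/Aug/2025:10:12:00 +0000] "GET /cgi-bin/CliniNET.prd/index.pl HTTP/1.1" 200 5120',
]
```

Any "exposed" finding means the session data file left the server, so the sessions active at that time should be invalidated as part of the session management review described above.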

Technical Details

Data Version: 5.1
Assigner Short Name: CERT-PL
Date Reserved: 2025-03-14T14:54:23.999Z
Cvss Version: 4.0
State: PUBLISHED

Threat ID: 68aeded3ad5a09ad00611199

Added to database: 8/27/2025, 10:32:51 AM

Last enriched: 8/27/2025, 10:49:07 AM

Last updated: 9/3/2025, 10:26:04 PM
