
CVE-2025-30057: CWE-94 Improper Control of Generation of Code ('Code Injection') in CGM CGM CLININET

Severity: Critical
Published: Wed Aug 27 2025 (08/27/2025, 10:23:38 UTC)
Source: CVE Database V5
Vendor/Project: CGM
Product: CGM CLININET

Description

In UHCRTFDoc, the filename parameter can be exploited to execute arbitrary code via command injection into the system() call in the ConvertToPDF function.

AI-Powered Analysis

Last updated: 08/27/2025, 10:48:12 UTC

Technical Analysis

CVE-2025-30057 is a critical vulnerability classified under CWE-94 (Improper Control of Generation of Code, commonly known as Code Injection) affecting the CGM CLININET product by CGM. The flaw resides in the UHCRTFDoc component, specifically in the ConvertToPDF function, where the filename parameter is not properly sanitized or validated before being passed to a system() call. An attacker with limited privileges (PR:L) can therefore inject arbitrary shell commands through the filename parameter, leading to remote code execution without any user interaction (UI:N). The vulnerability has a CVSS 4.0 base score of 9.4, indicating critical severity. The attack vector is adjacent network (AV:A), meaning the attacker must have access to the same local network or an equivalent position. The impact on the vulnerable system's confidentiality, integrity, and availability is high (VC:H, VI:H, VA:H), and the subsequent-system confidentiality metric is also high (SC:H), meaning the exploit can affect resources beyond the vulnerable component. No patches are currently available, and no exploits have been reported in the wild. The CVE was reserved in March 2025 and published in August 2025. Arbitrary code execution on the affected system could lead to full system compromise, data theft, disruption of services, or lateral movement within the network. Given that CGM CLININET is a clinical information system, exploitation could severely impact healthcare operations and patient data security.

Potential Impact

For European organizations, particularly those in the healthcare sector using CGM CLININET, this vulnerability poses a significant risk. Exploitation could lead to unauthorized access to sensitive patient data, disruption of clinical workflows, and potential manipulation or destruction of medical records. The critical nature of the vulnerability means attackers could gain control over affected systems, potentially leading to ransomware deployment or espionage activities. Given the strict regulatory environment in Europe concerning patient data protection (e.g., GDPR), a breach could result in substantial legal and financial penalties. Furthermore, healthcare providers are often targeted by sophisticated threat actors, increasing the likelihood of targeted attacks exploiting this vulnerability. The requirement for adjacent network access somewhat limits remote exploitation but does not eliminate risk, especially in environments with insufficient network segmentation or where remote access solutions are in use. The absence of patches increases the urgency for mitigation to prevent potential exploitation.

Mitigation Recommendations

1. Immediate network segmentation: Isolate CGM CLININET systems from other critical network segments and restrict access to trusted devices only.
2. Implement strict access controls: Limit user privileges on affected systems to the minimum necessary, especially restricting access to the UHCRTFDoc component and the ConvertToPDF function.
3. Monitor and log system calls: Deploy monitoring solutions to detect unusual system() call invocations or suspicious command execution patterns related to the filename parameter.
4. Input validation and filtering: If possible, apply application-layer filtering or proxy solutions to sanitize inputs to the vulnerable function until an official patch is released.
5. Incident response readiness: Prepare for potential exploitation by updating incident response plans, focusing on rapid detection and containment of code injection attacks.
6. Vendor engagement: Maintain communication with CGM for updates on patches or workarounds and apply them promptly once available.
7. Network-level protections: Use intrusion detection/prevention systems (IDS/IPS) tuned to detect command injection attempts targeting CGM CLININET.
8. User education: Train staff to recognize signs of compromise and report anomalies promptly.
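The flaw class described in the technical analysis (a filename interpolated into a system() command line) and the input-validation mitigation in item 4 are illustrated below with added example code. This is not CGM's code and nothing here is taken from UHCRTFDoc or ConvertToPDF; the converter name "rtf2pdf", the output name "out.pdf" and the filename policy are assumptions chosen for the illustration. The unsafe builder only constructs the command string and never executes it; the hardened version rejects anything but a plain .rtf basename and then passes the name as its own argv element so no shell ever parses it.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/wait.h>

/* Illustrative only (not CGM's code): the flaw class the advisory describes.
 * The filename is interpolated into a shell command line, so /bin/sh would
 * treat any metacharacter in it as syntax rather than as part of the name.
 * "rtf2pdf" is a hypothetical converter; the string is built, never run. */
const char *build_command_unsafe(const char *filename) {
    static char cmd[512];
    snprintf(cmd, sizeof cmd, "rtf2pdf \"%s\" out.pdf", filename);
    return cmd;
}

/* Hardened input check (assumed policy): a plain basename made of
 * [A-Za-z0-9._-], no leading dot, no path separators, ending in ".rtf". */
int filename_is_safe(const char *filename) {
    size_t len = strlen(filename);
    if (len < 5 || len > 255 || filename[0] == '.') return 0;
    if (strcmp(filename + len - 4, ".rtf") != 0) return 0;
    for (size_t i = 0; i < len; i++) {
        unsigned char c = (unsigned char)filename[i];
        if (!isalnum(c) && c != '.' && c != '_' && c != '-') return 0;
    }
    return 1;
}

/* Hardened conversion: validate, then hand the filename to the converter as a
 * separate argv element via fork/execvp, so no shell ever sees it. Returns the
 * child's exit status (127 if the converter could not be executed), or -1 when
 * the input is rejected or the child could not be spawned. */
int convert_to_pdf_safe(const char *converter, const char *filename) {
    if (!filename_is_safe(filename)) return -1;
    pid_t pid = fork();
    if (pid < 0) return -1;
    if (pid == 0) {
        char *const argv[] = { (char *)converter, (char *)filename, "out.pdf", NULL };
        execvp(converter, argv);
        _exit(127);   /* only reached if exec failed */
    }
    int status = 0;
    if (waitpid(pid, &status, 0) < 0) return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}
```

The allowlist is deliberately stricter than a denylist of shell metacharacters, because any character the policy does not name is rejected rather than relying on a complete list of what /bin/sh treats specially.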


Technical Details

Data Version: 5.1
Assigner Short Name: CERT-PL
Date Reserved: 2025-03-14T14:55:39.571Z
CVSS Version: 4.0
State: PUBLISHED

Threat ID: 68aeded4ad5a09ad006111b2

Added to database: 8/27/2025, 10:32:52 AM

Last enriched: 8/27/2025, 10:48:12 AM

Last updated: 9/2/2025, 12:34:20 AM
