CVE-2025-53912: CWE-73: External Control of File Name or Path in MedDream MedDream PACS Premium
An arbitrary file read vulnerability exists in the encapsulatedDoc functionality of MedDream PACS Premium 7.3.6.870. A specially crafted HTTP request can lead to an arbitrary file read. An attacker can send an HTTP request to trigger this vulnerability.
AI Analysis
Technical Summary
CVE-2025-53912 is an arbitrary file read vulnerability classified under CWE-73 (External Control of File Name or Path) affecting MedDream PACS Premium version 7.3.6.870. The flaw exists in the encapsulatedDoc functionality, which improperly handles user-supplied input controlling file paths. An attacker can send a specially crafted HTTP request to the vulnerable endpoint, causing the application to read and disclose arbitrary files from the server's filesystem. This can lead to unauthorized disclosure of sensitive information, including patient data and system configuration files. The vulnerability has a CVSS v3.1 base score of 9.6, indicating critical severity, with attack vector network (AV:N), low attack complexity (AC:L), requiring privileges (PR:L), no user interaction (UI:N), and scope changed (S:C). The impact on confidentiality and integrity is high, while availability is not affected. No public exploits have been reported yet, but the vulnerability's nature and ease of exploitation make it a high-risk issue. The vulnerability was reserved in August 2025 and published in January 2026. MedDream PACS Premium is a widely used Picture Archiving and Communication System in healthcare environments, making this vulnerability particularly concerning for medical institutions.
Potential Impact
For European organizations, especially healthcare providers, this vulnerability poses a significant risk of unauthorized access to sensitive patient data, violating GDPR and other data protection laws. Exposure of medical images, patient records, and system credentials could lead to privacy breaches, reputational damage, and regulatory penalties. The integrity of medical data could be compromised if attackers manipulate or exfiltrate files. Given the critical nature of healthcare services, such breaches could disrupt clinical workflows and patient care indirectly. The vulnerability's network accessibility and low complexity increase the likelihood of exploitation, potentially by insider threats or external attackers with limited privileges. This could also facilitate lateral movement within healthcare networks, escalating the overall risk posture. European healthcare institutions are prime targets due to their reliance on PACS systems and the high value of medical data on the black market.
Mitigation Recommendations
1. Apply official patches or updates from MedDream as soon as they become available to address the vulnerability directly.
2. Until patches are released, restrict network access to the PACS system, especially the encapsulatedDoc functionality, using network segmentation and firewall rules.
3. Implement strict input validation and sanitization on all user-supplied parameters controlling file paths to prevent path traversal or arbitrary file access.
4. Deploy Web Application Firewalls (WAFs) with custom rules to detect and block suspicious HTTP requests targeting file path parameters.
5. Conduct regular security audits and penetration testing focused on file handling functionalities within PACS systems.
6. Monitor system logs for unusual file access patterns or repeated failed attempts to access unauthorized files.
7. Educate system administrators and users about the risks and signs of exploitation attempts.
8. Consider deploying endpoint detection and response (EDR) solutions to detect lateral movement or data exfiltration attempts post-compromise.
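One way to implement the path-containment check that item 3 calls for, as an added example in Python rather than MedDream's own code: the base directory, parameter values and the names resolve_document_path and is_contained are assumptions for illustration, and the check is the general CWE-73 defence (decode, normalise, reject traversal and absolute paths, verify the resolved path) rather than anything specific to the vulnerable endpoint.

```python
"""Path-containment check for a user-controlled document name (CWE-73 defence).
Added illustration, not MedDream code: base directory and inputs are assumed."""
import os
import re
import urllib.parse


class UnsafePathError(ValueError):
    """Raised when a user-supplied path would leave the document root."""


def resolve_document_path(base_dir: str, user_value: str) -> str:
    """Map a request parameter to an absolute path inside base_dir, or raise.

    Checks run on the decoded, separator-normalised value, and containment is
    verified on the resolved path so a symlink under base_dir cannot escape
    either. Suspicious input is rejected rather than "cleaned".
    """
    # Decode twice: a front proxy or framework may already have decoded once,
    # so a double-encoded %252e%252e would otherwise survive as %2e%2e.
    decoded = urllib.parse.unquote(urllib.parse.unquote(user_value))
    if not decoded or "\x00" in decoded:
        raise UnsafePathError("empty path or NUL byte in path")
    decoded = decoded.replace("\\", "/")  # treat backslash as a separator too
    if decoded.startswith("/") or re.match(r"^[A-Za-z]:", decoded):
        raise UnsafePathError("absolute path rejected")  # join() would drop base_dir
    if ".." in decoded.split("/"):
        raise UnsafePathError("parent-directory segment rejected")
    base = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(base, decoded))
    # Final authority: the resolved path must still sit under the resolved base.
    if os.path.commonpath([base, candidate]) != base:
        raise UnsafePathError("resolved path escapes base directory")
    return candidate


def is_contained(base_dir: str, user_value: str) -> bool:
    """Convenience predicate for logging or WAF-style checks (True = safe)."""
    try:
        resolve_document_path(base_dir, user_value)
        return True
    except UnsafePathError:
        return False


if __name__ == "__main__":
    # Constructed sample values, not taken from the advisory.
    base = "/opt/pacs-example/documents"
    for value in ("study1/report.pdf", "../../etc/passwd", "..%2F..%2Fetc%2Fpasswd",
                  "%252e%252e/etc/passwd", "/etc/passwd", "..\\..\\win.ini",
                  "report.pdf%00.dcm"):
        print(f"{value!r:32} -> {'allowed' if is_contained(base, value) else 'REJECTED'}")
```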
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Sweden, Belgium
Technical Details
- Data Version: 5.2
- Assigner Short Name: talos
- Date Reserved: 2025-08-22T16:43:01.671Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 696f99d64623b1157c3aa458
Added to database: 1/20/2026, 3:05:58 PM
Last enriched: 1/20/2026, 3:20:50 PM
Last updated: 1/20/2026, 7:34:22 PM