PT-2025-39873 · Medical Informatics Engineering · Enterprise Health
Fernando Martinez
+3
·
Published
2025-09-29
·
Updated
2026-01-02
·
CVE-2025-35032
CVSS v3.1
9.9
Critical
| Vector | AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Medical Informatics Engineering Enterprise Health versions prior to 2025-04-08
Description
Authenticated users are able to upload arbitrary files. The impact of this behavior is dependent on how these files are accessed. Approximately 2000 healthcare organizations worldwide utilize this software. There are no details about real-world exploitation of this issue.
Recommendations
Update to version 2025-04-08 or later.
Fix
Unrestricted File Upload
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Enterprise Health