cve-2025-54551

About this tag
CVE-2025-54551 is a privilege-escalation vulnerability in FUJIFILM Healthcare Americas Synapse Mobility, a web-based medical imaging viewer used in hospitals and imaging centers. The flaw allows remote attackers to bypass role-based access controls by manipulating an assumed-immutable web parameter (CWE-472), potentially exposing protected DICOM imaging data. CISA issued an emergency medical advisory urging upgrades to version 8.2 or later and implementing short-term mitigations to reduce risk. This tag covers discussions about the vulnerability, its impact on healthcare environments, and recommended remediation steps.
  1. CISA: 3 Urgent ICS/Medical Advisories (MELSEC iQ-F, Mitsubishi AC, Synapse Mobility)

    CISA’s August 21, 2025 advisory bundle added three urgent entries to the growing list of industrial control system (ICS) and medical-device vulnerabilities security teams must treat as high priority this month. The agency published advisories for a denial-of-service vector in the Mitsubishi...
  2. CVE-2025-54551: Upgrade FUJIFILM Synapse Mobility to 8.2+ and Apply Mitigations

    FUJIFILM Healthcare Americas’ Synapse Mobility contains a web-parameter privilege-escalation flaw—tracked as CVE-2025-54551—that can be exploited remotely to bypass role-based access controls and expose protected imaging data, and CISA’s emergency medical advisory urges immediate upgrades to...