CVE-2024-27629 is a vulnerability identified in the dc2niix software, a tool commonly used for converting DICOM medical imaging files to NIfTI format. The flaw exists in versions before 1.0.20240202 and is related to improper escaping of generated file names that are subsequently passed into system calls during compression operations. Specifically, when certain compression types are applied, the software fails to sanitize the file name input, allowing an attacker with local access and limited privileges to inject arbitrary commands. This vulnerability is classified under CWE-116 (Improper Encoding or Escaping of Output), which typically leads to injection attacks. The CVSS v3.1 base score is 7.8, indicating a high severity due to the potential for full system compromise. The attack vector is local (AV:L), requiring low attack complexity (AC:L) and low privileges (PR:L), with no user interaction (UI:N). The scope remains unchanged (S:U), but the impact on confidentiality, integrity, and availability is high (C:H/I:H/A:H). Although no public exploits are known at this time, the vulnerability poses a significant risk to environments where dc2niix is used, especially in healthcare settings handling sensitive medical data.

The vulnerability allows local attackers to execute arbitrary code with the privileges of the dc2niix process, potentially leading to full system compromise. This can result in unauthorized access to sensitive medical imaging data, alteration or deletion of files, and disruption of medical workflows. Given dc2niix's role in medical imaging pipelines, exploitation could undermine patient data confidentiality and integrity, and impact availability of diagnostic services. Organizations relying on dc2niix in clinical or research environments face risks of data breaches, regulatory non-compliance, and operational downtime. The local attack vector limits remote exploitation but insider threats or compromised local accounts could leverage this flaw. The high impact on all security properties (confidentiality, integrity, availability) makes this a critical concern for healthcare providers and associated IT infrastructure.

Organizations should immediately upgrade dc2niix to version 1.0.20240202 or later where the vulnerability is patched. If upgrading is not immediately feasible, restrict local access to systems running dc2niix to trusted users only and implement strict access controls and monitoring. Employ application whitelisting and endpoint detection to identify suspicious command executions. Review and harden system call usage policies and sanitize inputs in any custom scripts interacting with dc2niix outputs. Regularly audit local user privileges and remove unnecessary accounts to reduce attack surface. Additionally, isolate medical imaging processing environments from general user workstations to limit potential exploitation vectors. Maintain up-to-date backups of critical data to enable recovery in case of compromise.