CVE-2025-11266: CWE-787 Out-of-bounds Write in Grassroots DICOM (GDCM)
An out-of-bounds write vulnerability exists in the Grassroots DICOM library (GDCM). The issue is triggered during parsing of a malformed DICOM file containing encapsulated PixelData fragments (compressed image data stored as multiple fragments). An unsigned integer underflow in buffer indexing produces an out-of-bounds memory access, which results in a segmentation fault. The flaw is exploitable via file input: simply opening a crafted malicious DICOM file is sufficient to trigger the crash, resulting in a denial-of-service condition.
AI Analysis
Technical Summary
CVE-2025-11266 identifies a vulnerability classified as CWE-787 (Out-of-bounds Write) in the Grassroots DICOM library (GDCM), a widely used open-source toolkit for handling DICOM medical imaging files. The flaw arises during the parsing of malformed DICOM files that contain encapsulated PixelData fragments, which are compressed image data stored as multiple fragments. Specifically, an unsigned integer underflow occurs during buffer indexing, leading to an out-of-bounds write in memory. This memory corruption triggers a segmentation fault, causing the application to crash and resulting in a denial-of-service (DoS) condition. Exploitation requires an attacker to supply a crafted malicious DICOM file that, when opened by a vulnerable application using GDCM, triggers the fault. No authentication or elevated privileges are needed, but user interaction is required to open the file. The vulnerability affects version 0 of GDCM, with no patches currently linked. The CVSS 4.0 base score is 6.8 (medium severity), reflecting local attack vector, low complexity, no privileges required, user interaction needed, and high impact on availability. There are no known exploits in the wild at this time. This vulnerability primarily threatens the availability of medical imaging systems that rely on GDCM for DICOM file processing, potentially disrupting clinical workflows and patient care.
Potential Impact
The primary impact of CVE-2025-11266 is denial-of-service, which can disrupt medical imaging applications and healthcare workflows that depend on the Grassroots DICOM library. In European healthcare environments, this could lead to temporary unavailability of diagnostic imaging systems, delayed patient diagnoses, and increased operational risk. While the vulnerability does not directly compromise confidentiality or integrity, the disruption of availability in critical healthcare infrastructure can have severe downstream effects on patient safety and treatment timelines. Additionally, repeated exploitation attempts could strain IT resources and incident response teams. Since the vulnerability requires user interaction (opening a malicious file), the risk is somewhat mitigated by controlled file handling policies but remains significant given the widespread use of DICOM standards in European hospitals and clinics. The lack of known exploits reduces immediate risk but does not eliminate the threat, especially as attackers could develop exploits targeting vulnerable versions.
Mitigation Recommendations
1. Monitor for and apply official patches or updates from the Grassroots DICOM project as soon as they become available to remediate the vulnerability.
2. Implement strict validation and sanitization of all incoming DICOM files before processing, using whitelisting or file integrity checks to detect malformed or suspicious files.
3. Restrict the sources of DICOM files to trusted and authenticated entities only, minimizing exposure to malicious inputs.
4. Employ sandboxing or isolation techniques for applications that process DICOM files to contain potential crashes and prevent broader system impact.
5. Train healthcare staff and IT personnel to recognize suspicious files and avoid opening untrusted DICOM files.
6. Maintain comprehensive logging and monitoring of DICOM file processing activities to detect anomalous behavior indicative of exploitation attempts.
7. Consider deploying runtime protections such as Address Space Layout Randomization (ASLR) and Data Execution Prevention (DEP) on systems running GDCM to reduce exploitation success likelihood.
8. Coordinate with medical device vendors and software providers to ensure timely vulnerability management and incident response readiness.
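The following C program is an added illustration, not GDCM's code and not the actual vulnerable routine, of the bug class named in the technical summary (unsigned integer underflow while indexing encapsulated PixelData fragments) and of the kind of pre-processing validation suggested in mitigation 2. It walks the encapsulated pixel data item sequence as the DICOM standard lays it out (Item tag FFFE,E000 with a 4-byte little-endian length, a Basic Offset Table item first, a Sequence Delimitation Item FFFE,E0DD at the end), checking every declared length against the bytes that actually remain before using it. The function and struct names, the simplified byte layout, and the two sample streams are all constructed for this example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Encapsulated PixelData item layout (DICOM PS3.5): tag (group, element),
 * 4-byte little-endian length, payload. Constants are from the standard. */
#define ITEM_GROUP      0xFFFE
#define ITEM_ELEM       0xE000  /* Item: Basic Offset Table or a fragment */
#define SEQ_DELIM_ELEM  0xE0DD  /* Sequence Delimitation Item */
#define ITEM_HEADER_LEN 8

static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t rd32(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) | ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Hypothetical summary type for this example. */
typedef struct {
    size_t fragment_count; /* fragments after the Basic Offset Table */
    size_t payload_bytes;  /* compressed bytes across all fragments */
} frag_summary;

/* The bug class: "remaining - len" in unsigned arithmetic never goes
 * negative, it wraps to a huge value, so a check like (remaining - len >= 0)
 * is always true and the wrapped value is then used as an index.
 * This helper only computes the wrapped value; it never dereferences it. */
size_t naive_slack(size_t remaining, uint32_t len) {
    return remaining - len; /* wraps when len > remaining */
}

/* Hardened walker: returns true only for a well-formed item sequence.
 * Invariant: pos <= len at every step, because each length is compared
 * against (len - pos) before pos is advanced. */
bool walk_fragments(const uint8_t *buf, size_t len, frag_summary *out) {
    size_t pos = 0;
    bool seen_bot = false;
    memset(out, 0, sizeof *out);

    for (;;) {
        if (len - pos < ITEM_HEADER_LEN) return false;   /* truncated header */
        uint16_t group = rd16(buf + pos);
        uint16_t elem  = rd16(buf + pos + 2);
        uint32_t ilen  = rd32(buf + pos + 4);
        pos += ITEM_HEADER_LEN;

        if (group != ITEM_GROUP) return false;
        if (elem == SEQ_DELIM_ELEM) return ilen == 0 && seen_bot;
        if (elem != ITEM_ELEM) return false;
        if (ilen == 0xFFFFFFFFu) return false;            /* undefined length not allowed here */
        if (ilen > len - pos) return false;               /* compare, never subtract first */

        if (!seen_bot) {
            if (ilen % 4 != 0) return false;              /* BOT is a list of uint32 offsets */
            seen_bot = true;
        } else {
            out->fragment_count++;
            out->payload_bytes += ilen;
        }
        pos += ilen;                                      /* safe: ilen <= len - pos */
    }
}

/* Constructed sample: empty Basic Offset Table, one 4-byte fragment, delimiter. */
static const uint8_t sample_ok[] = {
    0xFE,0xFF,0x00,0xE0, 0x00,0x00,0x00,0x00,
    0xFE,0xFF,0x00,0xE0, 0x04,0x00,0x00,0x00, 0xDE,0xAD,0xBE,0xEF,
    0xFE,0xFF,0xDD,0xE0, 0x00,0x00,0x00,0x00
};
/* Constructed sample: fragment header claims 0x10000000 bytes, only 2 follow. */
static const uint8_t sample_bad[] = {
    0xFE,0xFF,0x00,0xE0, 0x00,0x00,0x00,0x00,
    0xFE,0xFF,0x00,0xE0, 0x00,0x00,0x00,0x10, 0xDE,0xAD
};

bool demo_ok_stream(void) {
    frag_summary s;
    return walk_fragments(sample_ok, sizeof sample_ok, &s)
        && s.fragment_count == 1 && s.payload_bytes == 4;
}
bool demo_bad_stream_rejected(void) {
    frag_summary s;
    return !walk_fragments(sample_bad, sizeof sample_bad, &s);
}

int main(void) {
    printf("well-formed stream accepted: %s\n", demo_ok_stream() ? "yes" : "no");
    printf("oversized fragment rejected: %s\n", demo_bad_stream_rejected() ? "yes" : "no");
    printf("naive_slack(2, 16) wraps to %zu\n", naive_slack(2, 16));
    return 0;
}
```

The point of the walker is the ordering of the check: `ilen > len - pos` is evaluated before `pos` is advanced or any fragment is copied, so a malformed length is rejected instead of wrapping. Run as a stand-alone pre-check on files arriving from untrusted sources, such a routine rejects the oversized-fragment stream before it reaches the decoding library, which is the intent of mitigation 2.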
Affected Countries
Germany, France, United Kingdom, Netherlands, Italy, Spain, Sweden, Belgium
Technical Details
- Data Version: 5.2
- Assigner Short Name: icscert
- Date Reserved: 2025-10-03T15:37:16.725Z
- Cvss Version: 4.0
- State: PUBLISHED
Threat ID: 693c821af55ccbd2c7950af7
Added to database: 12/12/2025, 8:59:06 PM
Last enriched: 1/21/2026, 7:35:43 PM
Last updated: 2/7/2026, 11:08:37 AM
Views: 133