
CVE-2025-5943: CWE-787 Out-of-bounds Write in MicroDicom DICOM Viewer

Severity: High
Tags: Vulnerability, CVE-2025-5943, CWE-787
Published: Tue Jun 10 2025 (06/10/2025, 17:42:33 UTC)
Source: CVE Database V5
Vendor/Project: MicroDicom
Product: DICOM Viewer

Description

MicroDicom DICOM Viewer suffers from an out-of-bounds write vulnerability. Remote attackers are able to exploit this issue to potentially execute arbitrary code on affected installations of DICOM Viewer. User interaction is required to exploit the vulnerability in that the user must either visit a malicious website or open a malicious DICOM file locally.

AI-Powered Analysis

Last updated: 07/10/2025, 19:49:51 UTC

Technical Analysis

CVE-2025-5943 is a high-severity out-of-bounds write (CWE-787) in MicroDicom DICOM Viewer, a desktop application for viewing medical images in the DICOM format. When the viewer processes a crafted DICOM file it fails to keep a write within the bounds of the buffer it is filling, so an attacker who controls the file content can corrupt memory and, from there, execute arbitrary code in the context of the user running the viewer.

Exploitation requires user interaction: the victim must open a malicious DICOM file locally or visit a malicious website that delivers one to the viewer. The CVSS 4.0 base score is 8.6 (network attack vector, low attack complexity, no privileges required, user interaction required), with high impact on confidentiality, integrity and availability, because code execution in the viewer's context can lead to full compromise of the workstation.

At the time of this analysis no patch and no exploitation in the wild had been reported; check with the vendor and the assigning CNA (ICS-CERT) for the current patch status. The vulnerability is publicly disclosed and should be treated as a significant risk wherever MicroDicom DICOM Viewer is used to process imaging data, particularly files that arrive from outside the organization.

Potential Impact

For European organizations, particularly healthcare providers and medical research institutions that rely on MicroDicom DICOM Viewer for diagnostic imaging, this vulnerability is a serious risk. Successful exploitation gives the attacker code execution on the clinician's workstation, which can lead to unauthorized access to patient data, manipulation or destruction of medical images, and disruption of clinical workflows. Under GDPR and national medical data protection laws, a breach that starts here can carry severe legal and financial consequences. The same code-execution foothold can be used to deploy ransomware or other malware, further affecting availability and patient care. Because the only requirement is that a user opens a file or follows a link, phishing and social engineering against medical staff are a realistic delivery path: a DICOM attachment or a link to an imaging portal is exactly what such staff expect to receive.

Mitigation Recommendations

To mitigate this vulnerability, European healthcare organizations should implement the following specific measures:

1) Inventory every system running MicroDicom DICOM Viewer (including personal installs on clinician laptops) and restrict its use to the personnel who need it.
2) Validate and scan all DICOM files that arrive from outside the organization, whether by email, download, removable media or a patient portal, before they reach a workstation. At minimum, reject files that are not structurally well-formed DICOM (bad preamble, element lengths that overrun the file, unexpected transfer syntax) and pass the rest through the organization's malware scanning.
3) Educate medical staff and IT personnel about the risk of opening untrusted DICOM files and visiting suspicious websites, and give them a clear way to verify the source of an image before opening it.
4) Use application allow-listing and sandboxing to isolate the viewer process and limit what a compromised viewer can reach (no administrative rights, no broad file-share access).
5) Monitor endpoints for signs of exploitation attempts, such as repeated crashes of the viewer process when opening files, unexpected child processes spawned by the viewer, or outbound connections from the viewer host that the imaging workflow does not explain.
6) Engage with MicroDicom vendor support channels to obtain a fixed version as soon as one is available, and apply it promptly.
7) If the clinical workflow permits, consider an alternative DICOM viewer until this vulnerability is resolved.
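The Technical Analysis above describes the bug class (a file-controlled value causing a write past the end of a buffer) and mitigation item 2 asks for structural validation of incoming DICOM files. The example below, added here and not taken from the page, from MicroDicom, or from the ICS-CERT advisory, ties the two together: it walks a DICOM Part 10 file and rejects the input shape that a bounds-unchecked reader turns into an out-of-bounds write, namely an element whose declared length exceeds the bytes that actually remain. It does not detect CVE-2025-5943 specifically (this page publishes no trigger details); it is a generic pre-screening check. Assumptions: the dataset is encoded in explicit VR little endian (other transfer syntaxes are reported as not walked, not rejected); sequences with undefined length are not descended into; the sample files are constructed inline and contain no real imagery.

```python
import struct

# Transfer syntax this checker walks (assumption: explicit VR little endian only).
EXPLICIT_VR_LE = "1.2.840.10008.1.2.1"
# VRs whose explicit encoding is VR + 2 reserved bytes + 4-byte length (PS3.5 section 7.1.2).
LONG_VRS = {b"OB", b"OD", b"OF", b"OL", b"OV", b"OW", b"SQ", b"SV",
            b"UC", b"UN", b"UR", b"UT", b"UV"}
UNDEFINED_LENGTH = 0xFFFFFFFF


def _tag_str(tag):
    return "(%04X,%04X)" % tag


def _read_header(data, pos):
    """Decode one explicit-VR-LE element header at pos.
    Returns (tag, vr, length, value_offset); raises ValueError when the
    header itself runs past the end of the buffer."""
    if pos + 8 > len(data):
        raise ValueError("truncated element header at offset %d" % pos)
    tag = struct.unpack_from("<HH", data, pos)
    vr = data[pos + 4:pos + 6]
    if not (vr.isalpha() and vr.isupper()):
        raise ValueError("invalid VR %r at offset %d" % (vr, pos + 4))
    if vr in LONG_VRS:
        if pos + 12 > len(data):
            raise ValueError("truncated 4-byte length at offset %d" % (pos + 8))
        return tag, vr, struct.unpack_from("<I", data, pos + 8)[0], pos + 12
    return tag, vr, struct.unpack_from("<H", data, pos + 6)[0], pos + 8


def check_dicom(data):
    """Walk a DICOM Part 10 file and return a list of findings (empty = clean).
    The key check: no element may declare a value longer than the bytes that
    actually remain. A reader that trusts that length and copies it into a
    fixed-size buffer is exactly where a CWE-787 write happens."""
    findings = []
    if len(data) < 132 or data[128:132] != b"DICM":
        return ["missing 128-byte preamble or DICM magic: not a Part 10 file"]
    pos, in_meta, meta_end, transfer_syntax = 132, True, None, None
    while pos < len(data):
        # Leaving the file meta group (0002,xxxx): verify its group length and
        # make sure the dataset is in a transfer syntax this checker understands.
        if in_meta and pos + 2 <= len(data) and struct.unpack_from("<H", data, pos)[0] != 0x0002:
            in_meta = False
            if meta_end is not None and pos != meta_end:
                findings.append("(0002,0000) group length points to offset %d but meta group ends at %d"
                                % (meta_end, pos))
            if transfer_syntax != EXPLICIT_VR_LE:
                findings.append("dataset transfer syntax %r is not walked by this checker" % transfer_syntax)
                break
        try:
            tag, vr, length, value_off = _read_header(data, pos)
        except ValueError as exc:
            findings.append(str(exc))
            break
        if length == UNDEFINED_LENGTH:
            findings.append("%s: undefined length at offset %d; items not walked by this checker"
                            % (_tag_str(tag), pos))
            break
        if value_off + length > len(data):
            findings.append("%s VR %s declares %d bytes at offset %d but only %d remain"
                            % (_tag_str(tag), vr.decode(), length, value_off, len(data) - value_off))
            break
        value = data[value_off:value_off + length]
        if tag == (0x0002, 0x0000) and length == 4:
            meta_end = value_off + 4 + struct.unpack("<I", value)[0]
        elif tag == (0x0002, 0x0010):
            transfer_syntax = value.rstrip(b"\x00 ").decode("ascii", "replace")
        pos = value_off + length
    return findings


# ---- constructed sample files (test data built here, not real imagery) ----
def _pad_uid(s):
    b = s.encode("ascii")
    return b + b"\x00" * (len(b) % 2)  # UIDs are NUL-padded to even length


def _elem(group, elem, vr, value):
    """Encode one explicit-VR-LE element."""
    head = struct.pack("<HH", group, elem) + vr
    if vr in LONG_VRS:
        return head + b"\x00\x00" + struct.pack("<I", len(value)) + value
    return head + struct.pack("<H", len(value)) + value


def _meta(ts_uid):
    """Preamble, magic and a minimal file meta group naming the transfer syntax."""
    body = _elem(2, 0x0001, b"OB", b"\x00\x01") + _elem(2, 0x0010, b"UI", _pad_uid(ts_uid))
    return b"\x00" * 128 + b"DICM" + _elem(2, 0x0000, b"UL", struct.pack("<I", len(body))) + body


SOP_UID = _pad_uid("1.2.840.10008.5.1.4.1.1.7")  # Secondary Capture Image Storage
GOOD = _meta(EXPLICIT_VR_LE) + _elem(0x0008, 0x0016, b"UI", SOP_UID) + _elem(0x7FE0, 0x0010, b"OB", b"\x00" * 16)
# Pixel Data header claims 256 MiB of payload while only 16 bytes follow it.
BAD_LENGTH = (_meta(EXPLICIT_VR_LE) + struct.pack("<HH", 0x7FE0, 0x0010) + b"OB\x00\x00"
              + struct.pack("<I", 0x10000000) + b"\x00" * 16)
# Implicit VR LE dataset: headers are tag + 4-byte length with no VR field.
IMPLICIT = _meta("1.2.840.10008.1.2") + struct.pack("<HHI", 0x0008, 0x0016, len(SOP_UID)) + SOP_UID

if __name__ == "__main__":
    for name, blob in [("GOOD", GOOD), ("BAD_LENGTH", BAD_LENGTH),
                       ("IMPLICIT", IMPLICIT), ("NOT_DICOM", b"not a dicom file")]:
        print(name, check_dicom(blob) or "ok")
```

Run it at a mail gateway or portal upload hook and quarantine anything that returns a non-empty list. The check is deliberately strict about what it does not understand: an unsupported transfer syntax or an undefined-length sequence is reported rather than silently passed, so a reviewer sees every file the checker could not fully walk.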


Technical Details

Data Version
5.1
Assigner Short Name
icscert
Date Reserved
2025-06-09T16:39:58.384Z
Cvss Version
4.0
State
PUBLISHED

Threat ID: 68487f501b0bd07c393899b4

Added to database: 6/10/2025, 6:54:08 PM

Last enriched: 7/10/2025, 7:49:51 PM

Last updated: 8/8/2025, 8:21:20 PM
