Memory Corruption Vulnerability in MicroDicom DICOM Viewer
CVE-2024-25578

7.8HIGH

Key Information:

Vendor: Microdicom
Status: Dicom Viewer
Vendor: CVE Published:; 1 March 2024

What is CVE-2024-25578?

MicroDicom DICOM Viewer versions 2023.3 (Build 9342) and earlier are vulnerable due to inadequate validation of user-supplied data. This flaw can enable attackers to exploit memory corruption within the application, potentially leading to unpredictable behavior or application crashes. It is crucial for users of the affected versions to prioritize updates to ensure robust protection against this vulnerability.

Affected Version(s)

DICOM Viewer 0

References

https://www.cisa.gov/news-events/ics-medical-advisories/i...

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Mar 1, 2024
Vulnerability Reserved
Feb 12, 2024

Credit

Michael Heinzl reported these vulnerabilities to CISA.

Microdicom

What is CVE-2024-25578?

Affected Version(s)

References

CVSS V3.1

Timeline

Credit