Update Mechanism Vulnerability in Medixant RadiAnt DICOM Viewer
CVE-2025-1001

5.7MEDIUM

Key Information:

Vendor: Medixant
Status: Radiant Dicom Viewer
Vendor: CVE Published:; 21 February 2025

What is CVE-2025-1001?

The Medixant RadiAnt DICOM Viewer is susceptible to exploitation due to an inadequate update mechanism that fails to validate the certificate of the update server. This flaw presents an opportunity for attackers to potentially alter network traffic via a machine-in-the-middle (MITM) attack, enabling them to intercept and deliver compromised updates to users. As a result, users may inadvertently install malicious software, compromising their systems and sensitive data.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

RadiAnt DICOM Viewer 2024.02

References

https://www.cisa.gov/news-events/ics-medical-advisories/i...

https://www.radiantviewer.com/files/RadiAnt-2025.1-Setup.exe

CVSS V4

Score:

5.7

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

Unknown

Timeline

Vulnerability published
Feb 21, 2025
Vulnerability Reserved
Feb 3, 2025

Credit

Sharon Brizinov of Claroty Team82 reported this vulnerability to CISA.

JSON

Medixant