Memory Corruption Vulnerability in MicroDicom DICOM Viewer by MicroDicom
CVE-2025-2029

4.8MEDIUM

Key Information:

Vendor: Microdicom
Status: Dicom Viewer
Vendor: CVE Published:; 6 March 2025

What is CVE-2025-2029?

A vulnerability was identified in the MicroDicom DICOM Viewer version 2025.1 Build 3321, specifically within the mDicom.exe file. This issue pertains to memory corruption that can be exploited locally, potentially allowing malicious actors to disrupt the normal function of the software. The vendor has confirmed the vulnerability and has addressed it in a subsequent beta release. Users are strongly urged to upgrade to the latest version to mitigate risks associated with this vulnerability.

Affected Version(s)

DICOM Viewer 2025.1 Build 3321

References

https://vuldb.com/?id.298770

vdb-entry

https://vuldb.com/?ctiid.298770

signaturepermissions-required

https://vuldb.com/?submit.506579

third-party-advisory

CVSS V4

Score:

4.8

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Timeline

Vulnerability published
Mar 6, 2025
Vulnerability Reserved
Mar 6, 2025

Credit

0x20z (VulDB User)