Out-of-Bounds Write Vulnerability in MicroDicom DICOM Viewer
CVE-2025-5943

8.6HIGH

Key Information:

Vendor: Microdicom
Status: Dicom Viewer
Vendor: CVE Published:; 10 June 2025

What is CVE-2025-5943?

The MicroDicom DICOM Viewer contains an out-of-bounds write vulnerability that allows remote attackers to exploit the system and potentially execute arbitrary code. The exploitation of this issue requires user interaction, as it involves either visiting a malicious website or opening a compromised DICOM file. This vulnerability highlights the importance of exercising caution when handling DICOM files and the need for strong cybersecurity measures.

Affected Version(s)

DICOM Viewer 0 <= 2025.2 (Build 8154)

References

https://www.cisa.gov/news-events/ics-medical-advisories/i...

CVSS V4

Score:

8.6

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

Unknown

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 10, 2025
Vulnerability Reserved
Jun 9, 2025

Credit

Michael Heinzl reported this vulnerability to CISA.

Microdicom

What is CVE-2025-5943?

Affected Version(s)

References

CVSS V4

Timeline

Credit