Skip to main content
CybersecurityHealthcare

MicroDicom DICOM Viewer

MicroDicom DICOM Viewer

Summary of MicroDicom DICOM Viewer Vulnerability

This document outlines a vulnerability in the MicroDicom DICOM Viewer, specifically related to improper certificate validation, which could allow for machine-in-the-middle (MITM) attacks. The vulnerability has been assigned CVE-2025-1002 and has a CVSS v4 score of 5.7.

Key Points

  • CVSS v4 Score: 5.7
  • Attack Complexity: Low
  • Vendor: MicroDicom
  • Affected Product: MicroDicom DICOM Viewer Version 2024.03
  • Vulnerability Type: Improper Certificate Validation

Risk Evaluation

Exploitation of this vulnerability could enable attackers to alter network traffic, potentially leading to malicious updates being delivered to users.

Mitigations

Users are advised to upgrade to DICOM Viewer version 2025.1. Additional recommendations include:

  • Minimizing network exposure for control systems.
  • Using firewalls to isolate control system networks.
  • Implementing secure remote access methods, such as VPNs.