CVE-2025-5943 | THREATINT

Description

MicroDicom DICOM Viewer suffers from an out-of-bounds write vulnerability. Remote attackers are able to exploit this issue to potentially execute arbitrary code on affected installations of DICOM Viewer. User interaction is required to exploit the vulnerability in that the user must either visit a malicious website or open a malicious DICOM file locally.

PUBLISHED Reserved 2025-06-09 | Published 2025-06-10 | Updated 2025-06-11 | Assigner icscert

HIGH: 8.6CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

HIGH: 8.8CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Problem types

CWE-787 Out-of-bounds Write

Product status

Default status

unaffected

Any version

affected

Credits

Michael Heinzl reported this vulnerability to CISA. finder

References

www.cisa.gov/...vents/ics-medical-advisories/icsma-25-160-01

cve.org (CVE-2025-5943)

nvd.nist.gov (CVE-2025-5943)

Download JSON