EUVD-2025-17756

CVE-2025-5943 | HIGH | CVSS 3.1 base score 8.8
Published 2025-06-10

CVSS Vector (NVD)

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector: Network
Attack Complexity: Low
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Lifecycle Timeline

Analysis Generated: Mar 14, 2026 - 19:49 (vuln.today)
EUVD ID Assigned: Mar 14, 2026 - 19:49 (euvd), EUVD-2025-17756
CVE Published: Jun 10, 2025 - 18:15 (nvd), HIGH 8.8

Description (NVD)

MicroDicom DICOM Viewer suffers from an out-of-bounds write vulnerability. Remote attackers are able to exploit this issue to potentially execute arbitrary code on affected installations of DICOM Viewer. User interaction is required to exploit the vulnerability in that the user must either visit a malicious website or open a malicious DICOM file locally.

Analysis (AI)

MicroDicom DICOM Viewer contains an out-of-bounds write vulnerability (CWE-787) that allows remote attackers to execute arbitrary code with high confidentiality, integrity and availability impact (CVSS 8.8). The vulnerability requires user interaction, either visiting a malicious website or opening a crafted DICOM file, which still makes it exploitable in realistic attack scenarios. No active exploitation in the wild (no KEV listing) and no public proof of concept has been confirmed at this time, but the network-accessible attack vector and low attack complexity suggest meaningful real-world risk.

Technical Context (AI)

MicroDicom is a DICOM (Digital Imaging and Communications in Medicine) viewer application used in healthcare and medical imaging contexts. The vulnerability exists in the DICOM file parsing logic, where insufficient bounds checking during memory write operations allows an attacker to write data beyond allocated buffer boundaries. CWE-787 (Out-of-bounds Write) is a classic memory safety issue that can lead to heap corruption, stack smashing, or code execution depending on which memory regions are overwritten. The root cause likely stems from the DICOM parser's handling of variable-length data fields (such as pixel data, sequences, or vendor-private tags) without validating the declared size before committing writes. DICOM files are binary-formatted and complex, with nested structures that create numerous opportunities for parser bugs if input validation is insufficient.
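To make the "declared length versus actual bytes" point concrete, the following C program is an added illustration written for this page; it is not MicroDicom's code, and nothing about the real parser's internals is known from the advisory. It reads one explicit-VR little-endian DICOM data element (tag, VR, length, value) and shows the two checks a parser of variable-length fields must perform before any write: the declared length must fit within the input that remains, and it must fit within the destination buffer. The sample element bytes, the MAX_VALUE_LEN limit and the function names are constructed for the example.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

/* Constructed limit for this illustration, not a DICOM constant. */
#define MAX_VALUE_LEN 64

typedef struct {
    uint16_t group;
    uint16_t element;
    char     vr[3];               /* two-letter Value Representation plus NUL */
    uint32_t length;              /* length as declared in the element header */
    uint8_t  value[MAX_VALUE_LEN];
} dicom_element_t;

static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t rd32(const uint8_t *p) {
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* VRs that use the long header form in explicit VR encoding:
   2 reserved bytes followed by a 4-byte length. All other VRs use a 2-byte length. */
static int vr_has_long_length(const char *vr) {
    static const char *long_vrs[] = {"OB","OD","OF","OL","OW","SQ","UC","UN","UR","UT"};
    for (size_t i = 0; i < sizeof long_vrs / sizeof long_vrs[0]; i++)
        if (memcmp(vr, long_vrs[i], 2) == 0) return 1;
    return 0;
}

/* Parse one element starting at buf[*off]. Returns 1 on success and advances
   *off past the value; returns 0 if any read or write would go out of bounds.
   Every length is validated before a single byte is copied. */
int parse_element(const uint8_t *buf, size_t buflen, size_t *off, dicom_element_t *out) {
    size_t pos = *off;
    if (pos > buflen || buflen - pos < 6) return 0;   /* tag (4) + VR (2) */
    out->group   = rd16(buf + pos);
    out->element = rd16(buf + pos + 2);
    memcpy(out->vr, buf + pos + 4, 2);
    out->vr[2] = '\0';
    pos += 6;

    if (vr_has_long_length(out->vr)) {
        if (buflen - pos < 6) return 0;                 /* reserved (2) + length (4) */
        out->length = rd32(buf + pos + 2);
        pos += 6;
    } else {
        if (buflen - pos < 2) return 0;                 /* length (2) */
        out->length = rd16(buf + pos);
        pos += 2;
    }

    /* The checks whose absence produces a CWE-787 write: the attacker controls
       out->length, so it must be bounded by both the remaining input and the
       destination buffer before memcpy runs. (Undefined-length sequences,
       0xFFFFFFFF, are rejected here too; a full parser handles them separately.) */
    if (out->length > buflen - pos) return 0;
    if (out->length > MAX_VALUE_LEN) return 0;

    memcpy(out->value, buf + pos, out->length);
    *off = pos + out->length;
    return 1;
}

/* Constructed sample inputs, not taken from any real file. */
/* (0010,0010) PN, length 8, value "Doe^Jane" */
static const uint8_t GOOD_ELEMENT[] = {0x10,0x00,0x10,0x00,'P','N',0x08,0x00,
                                       'D','o','e','^','J','a','n','e'};
/* (7FE0,0010) OW, declared length 0xFFFFFFF0 with no value bytes present */
static const uint8_t BAD_ELEMENT[]  = {0xE0,0x7F,0x10,0x00,'O','W',0x00,0x00,
                                       0xF0,0xFF,0xFF,0xFF};

/* Returns the parsed length of the well-formed element (8), or -1 on failure. */
int demo_good(void) {
    dicom_element_t el; size_t off = 0;
    if (!parse_element(GOOD_ELEMENT, sizeof GOOD_ELEMENT, &off, &el)) return -1;
    return (int)el.length;
}

/* Returns 0: the oversized declared length is rejected before any copy. */
int demo_bad(void) {
    dicom_element_t el; size_t off = 0;
    return parse_element(BAD_ELEMENT, sizeof BAD_ELEMENT, &off, &el);
}

int main(void) {
    printf("well-formed element: length %d\n", demo_good());
    printf("oversized element accepted: %d\n", demo_bad());
    return 0;
}
```

The second sample is the shape of input a fuzzer typically finds first: a legitimate header whose 4-byte length field claims far more data than the file contains. A parser that trusts that field and copies `length` bytes into a fixed or pre-sized buffer writes past its end; the hardened routine refuses it and returns 0, which is the behaviour to look for when reviewing any binary-format parser.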

Remediation (AI)

1. Patch immediately: Contact MicroDicom (microdicom.com or relevant vendor) to obtain and deploy the latest patched version once available.
2. Interim mitigations (if patch is unavailable): Restrict file access controls and disable auto-opening of DICOM files from untrusted sources; educate users not to open DICOM files from unsolicited emails or unverified sources; isolate MicroDicom instances to non-internet-facing systems where possible.
3. Network controls: Deploy email gateway filtering to block or quarantine DICOM file attachments from external senders; disable browser plugins or handlers that auto-launch DICOM viewers.
4. Monitoring: Enable endpoint detection and response (EDR) to flag suspicious memory corruption patterns or code execution attempts within MicroDicom processes.
5. Follow vendor advisory: Monitor MicroDicom's official security page and subscribe to vendor advisories for patch availability and detailed remediation guidance.

EUVD-2025-17756 vulnerability details – vuln.today