PatchSiren

PatchSiren cyber security CVE debrief

CVE-2025-1001 Medixant CVE debrief

CVE-2025-1001 affects Medixant RadiAnt DICOM Viewer because its update mechanism does not verify the update server’s certificate. That weakness can let an attacker alter update traffic and present a malicious update to the user. CISA published the advisory on 2025-02-20, and Medixant’s recommended fix is to move to v2025.1 or later.

Vendor: Medixant
Product: RadiAnt DICOM Viewer
CVSS: MEDIUM 5.7
CISA KEV: Not listed in stored evidence
Original CVE published: 2025-02-20
Original CVE updated: 2025-02-20
Advisory published: 2025-02-20
Advisory updated: 2025-02-20

Who should care

Organizations and individuals using RadiAnt DICOM Viewer, especially if they rely on the built-in update workflow or operate in environments where network traffic can be intercepted or modified.

Technical summary

The advisory describes an update-trust failure: the software does not verify the update server certificate before accepting update-related responses. In practice, that creates a machine-in-the-middle opportunity where an attacker on the network path could tamper with update content and deliver a malicious update. The provided CVSS v3.1 vector is AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N: the attacker needs adjacent-network access but no privileges, attack complexity is low, user interaction is required, and the impact is high on integrity with none on confidentiality or availability.

Defensive priority

Medium, but time-sensitive: update-path weaknesses can become high-impact if users trust in-app update prompts. Apply the vendor fix promptly and reduce reliance on the built-in updater until patched.

Recommended defensive actions

  • Upgrade RadiAnt DICOM Viewer to v2025.1 or later.
  • If you cannot upgrade immediately, disable update checks with the vendor-provided registry setting:
      reg add "HKCU\Software\RadiAnt Viewer" /t REG_DWORD /v CheckUpdate /d 0 /f
  • Do not use the in-app "Check for updates now" function until the system is updated.
  • Download the installer directly from the vendor website rather than following update prompts.
  • Scan the downloaded installer with antivirus software before execution.
  • Monitor for unexpected update prompts or installer changes on endpoints that use RadiAnt DICOM Viewer.
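
Because the registry mitigation above lives under HKCU, it applies per user profile, so a shared workstation needs it in every user's hive. The following is an added example, not code from the advisory or the vendor: it reports the CheckUpdate value for each user hive currently loaded under HKEY_USERS and can optionally set it to 0. The function name is hypothetical, and the script assumes an elevated PowerShell session.

```powershell
# Added example, not from the advisory or the vendor.
# Key path and value name come from the advisory's "reg add" command;
# the function name Get-RadiAntUpdateCheckState is hypothetical.
function Get-RadiAntUpdateCheckState {
    [CmdletBinding()]
    param(
        # When set, write CheckUpdate=0 wherever it is missing or non-zero.
        [switch]$Remediate
    )

    $subKey    = 'Software\RadiAnt Viewer'
    $valueName = 'CheckUpdate'

    # User profile hives have SIDs of the form S-1-5-21-...; this pattern
    # also skips the companion "<SID>_Classes" hives.
    $sids = Get-ChildItem -Path 'Registry::HKEY_USERS' |
        Where-Object { $_.PSChildName -match '^S-1-5-21-[\d-]+$' } |
        ForEach-Object { $_.PSChildName }

    foreach ($sid in $sids) {
        $path    = "Registry::HKEY_USERS\$sid\$subKey"
        $current = $null
        if (Test-Path -LiteralPath $path) {
            $prop = Get-ItemProperty -LiteralPath $path -Name $valueName -ErrorAction SilentlyContinue
            if ($prop) { $current = $prop.$valueName }
        }

        # A missing value is not the same as 0: only an explicit 0 counts as disabled.
        $disabled = ($null -ne $current) -and ($current -eq 0)
        $fixed    = $false
        if (-not $disabled -and $Remediate) {
            # Same effect as the advisory's reg add, applied to this user's hive.
            if (-not (Test-Path -LiteralPath $path)) { New-Item -Path $path -Force | Out-Null }
            New-ItemProperty -LiteralPath $path -Name $valueName -PropertyType DWord -Value 0 -Force | Out-Null
            $fixed = $true
        }

        [pscustomobject]@{
            Sid            = $sid
            CheckUpdate    = $current
            UpdateCheckOff = $disabled -or $fixed
            Remediated     = $fixed
        }
    }
}

Get-RadiAntUpdateCheckState   # report only; add -Remediate to apply the setting
```

Hives of users who are not logged on are not loaded under HKEY_USERS, so those profiles still need the setting applied at their next logon.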

Evidence notes

All material in this debrief is taken from the supplied CISA CSAF advisory for ICSMA-25-051-01 / CVE-2025-1001 and its listed remediation guidance. The issue date used here is the CVE/advisory publication date, 2025-02-20. No exploit code, reproduction steps, or unsupported claims are included.

Official resources

Publicly disclosed by CISA and the vendor on 2025-02-20 via ICSMA-25-051-01 / CVE-2025-1001. This debrief reflects the advisory content only.