PatchSiren cyber security CVE debrief

CVE-2024-25578 MicroDicom CVE debrief

A memory corruption vulnerability exists in MicroDicom DICOM Viewer versions 2023.3 (Build 9342) and prior due to improper validation of user-supplied data. The vulnerability, published by CISA on February 29, 2024, carries a CVSS 3.1 score of 7.8 (HIGH severity). The attack vector is local, requiring user interaction but no privileges, and can result in high impacts to confidentiality, integrity, and availability. MicroDicom has released version 2024.1 to address this issue.

Vendor: MicroDicom
Product: DICOM Viewer
CVSS: HIGH 7.8
CISA KEV: Not listed in stored evidence
Original CVE published: 2024-02-29
Original CVE updated: 2024-02-29
Advisory published: 2024-02-29
Advisory updated: 2024-02-29

Who should care

Healthcare organizations, medical imaging departments, radiology practices, and any clinical environment using MicroDicom DICOM Viewer for medical image review. Also security teams responsible for medical device cybersecurity, and HIPAA-covered entities that maintain secure configurations for diagnostic imaging workstations.

Technical summary

The vulnerability stems from insufficient validation of user-supplied data in MicroDicom DICOM Viewer, a medical imaging application used for viewing DICOM files. The CVSS 3.1 vector (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) indicates a local attack vector with low attack complexity and no privilege requirement, but user interaction is needed (in practice, a user opening a crafted file). Successful exploitation could lead to memory corruption with high impact on confidentiality, integrity, and availability. The vulnerability affects all versions through 2023.3 (Build 9342).

Defensive priority

HIGH

Recommended defensive actions

  • Upgrade MicroDicom DICOM Viewer to version 2024.1 or later
  • Validate all DICOM files from untrusted sources before opening
  • Implement application whitelisting to prevent execution of unauthorized software
  • Apply principle of least privilege for user accounts running DICOM viewer software
  • Monitor for anomalous application crashes or unexpected memory errors
  • Contact MicroDicom directly for additional assistance if needed
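The second action above, validating DICOM files from untrusted sources before a viewer opens them, can be partly automated with a structural pre-screen of the DICOM Part 10 header (128-byte preamble, the "DICM" magic, and the group 0002 file-meta elements). The script below is an added example written for this debrief; it is not MicroDicom's code, does not reproduce the CVE-2024-25578 defect (the advisory gives no parsing details), and the sample file it builds is constructed in-process with placeholder instance and implementation UIDs. It rejects headers whose declared element lengths run past the end of the file or an upper bound, whose group length disagrees with the bytes actually present, or whose transfer syntax is not a well-formed UID; those are the malformed-input classes a "improper validation of user-supplied data" bug in a viewer typically trips over.

```python
import struct

# Constructed example: structural pre-screen of a DICOM Part 10 file header
# before handing the file to a viewer. Not MicroDicom's code and not a fix
# for CVE-2024-25578; it only rejects files whose file-meta header is
# internally inconsistent.

PREAMBLE_LEN = 128
MAGIC = b"DICM"
# Explicit VR little endian: these VRs carry 2 reserved bytes + a 4-byte length
LONG_LENGTH_VRS = {b"OB", b"OW", b"OF", b"SQ", b"UT", b"UN"}
TAG_GROUP_LENGTH = (0x0002, 0x0000)
TAG_TRANSFER_SYNTAX = (0x0002, 0x0010)
UID_CHARS = set("0123456789.")


def check_dicom_header(data: bytes, max_meta_len: int = 64 * 1024):
    """Return (ok, reason) after checking preamble, DICM magic and the
    group 0002 file-meta elements for internal consistency."""
    if len(data) < PREAMBLE_LEN + len(MAGIC):
        return False, "file too short for a DICOM preamble"
    if data[PREAMBLE_LEN:PREAMBLE_LEN + len(MAGIC)] != MAGIC:
        return False, "missing DICM magic at offset 128"

    pos = PREAMBLE_LEN + len(MAGIC)
    group_length = meta_start = transfer_syntax = None
    seen = set()

    while pos + 8 <= len(data):
        group, elem = struct.unpack_from("<HH", data, pos)
        if group != 0x0002:
            break  # first element of the dataset proper; file meta is complete
        vr = data[pos + 4:pos + 6]
        if not (vr.isalpha() and vr.isupper()):
            return False, f"bad VR bytes {vr!r} at offset {pos}"
        if vr in LONG_LENGTH_VRS:
            if pos + 12 > len(data):
                return False, f"truncated element header at offset {pos}"
            (length,) = struct.unpack_from("<I", data, pos + 8)
            hdr = 12
        else:
            (length,) = struct.unpack_from("<H", data, pos + 6)
            hdr = 8
        if length > max_meta_len:
            return False, f"element ({group:04x},{elem:04x}) declares {length} bytes, above the {max_meta_len} bound"
        if pos + hdr + length > len(data):
            return False, f"element ({group:04x},{elem:04x}) runs past end of file"
        if (group, elem) in seen:
            return False, f"duplicate element ({group:04x},{elem:04x}) in file meta"
        seen.add((group, elem))
        value = data[pos + hdr:pos + hdr + length]
        pos += hdr + length

        if (group, elem) == TAG_GROUP_LENGTH:
            if vr != b"UL" or length != 4:
                return False, "group length element must be UL of 4 bytes"
            (group_length,) = struct.unpack("<I", value)
            meta_start = pos  # group length counts bytes after this element
        elif (group, elem) == TAG_TRANSFER_SYNTAX:
            transfer_syntax = value.rstrip(b"\x00 ").decode("ascii", "replace")
            if not transfer_syntax or len(transfer_syntax) > 64 or not set(transfer_syntax) <= UID_CHARS:
                return False, f"transfer syntax {transfer_syntax!r} is not a well-formed UID"

    if group_length is not None and pos - meta_start != group_length:
        return False, f"group length says {group_length} bytes but file meta spans {pos - meta_start}"
    if transfer_syntax is None:
        return False, "no transfer syntax UID (0002,0010) in file meta"
    return True, "ok"


def _elem(group, elem, vr: str, value: bytes, declared_len=None):
    """Encode one explicit-VR little-endian element; declared_len lets a
    test forge a length that disagrees with the value actually present."""
    if len(value) % 2:
        value += b"\x00"  # DICOM values are padded to even length
    length = len(value) if declared_len is None else declared_len
    head = struct.pack("<HH", group, elem) + vr.encode("ascii")
    if vr.encode("ascii") in LONG_LENGTH_VRS:
        return head + b"\x00\x00" + struct.pack("<I", length) + value
    return head + struct.pack("<H", length) + value


def build_sample(transfer_syntax=b"1.2.840.10008.1.2.1", length_bomb=False):
    """Constructed minimal Part 10 file: preamble, DICM, file meta, one
    dataset element. Instance and implementation UIDs are placeholders."""
    body = (
        _elem(0x0002, 0x0001, "OB", b"\x00\x01", declared_len=0xFFFFFFFF if length_bomb else None)
        + _elem(0x0002, 0x0002, "UI", b"1.2.840.10008.5.1.4.1.1.2")  # CT Image Storage
        + _elem(0x0002, 0x0003, "UI", b"1.2.3.4.5")                   # placeholder instance UID
        + _elem(0x0002, 0x0010, "UI", transfer_syntax)                # explicit VR LE by default
        + _elem(0x0002, 0x0012, "UI", b"1.2.3.4")                     # placeholder implementation UID
    )
    meta = _elem(0x0002, 0x0000, "UL", struct.pack("<I", len(body))) + body
    dataset = _elem(0x0008, 0x0016, "UI", b"1.2.840.10008.5.1.4.1.1.2")  # SOP Class UID
    return b"\x00" * PREAMBLE_LEN + MAGIC + meta + dataset


if __name__ == "__main__":
    for name, blob in [("clean", build_sample()),
                       ("length bomb", build_sample(length_bomb=True)),
                       ("bad UID", build_sample(transfer_syntax=b"not-a-uid")),
                       ("truncated", build_sample()[:150])]:
        print(f"{name:12s} -> {check_dicom_header(blob)}")
```

Run it on a quarantine directory before files are released to imaging workstations; a rejection is a reason to hold the file, not proof of malice, since broken exports from legitimate modalities fail the same checks. The 64 KiB bound on a single file-meta element is a policy choice for this example, not a DICOM limit.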

Evidence notes

CISA published advisory ICSMA-24-060-01 on February 29, 2024, identifying this vulnerability in MicroDicom DICOM Viewer. The advisory confirms affected versions through 2023.3 (Build 9342) and availability of fix version 2024.1. CVSS vector AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H sourced from CISA CSAF data.
