CVE-2025-5943 is a high-severity out-of-bounds write vulnerability in MicroDicom DICOM Viewer. According to CISA, a remote attacker could potentially execute arbitrary code on affected installations if they can get a user to either visit a malicious website or open a malicious DICOM file locally. MicroDicom’s remediation guidance is to update DICOM Viewer to version 2025.3 or later.
MicroDicom DICOM Viewer is affected by an out-of-bounds write that may allow arbitrary code execution when a user opens a malicious DCM file. CISA published the advisory as ICSMA-25-121-01 on 2025-05-01 and revised it on 2025-05-06 to correct typos. MicroDicom’s remediation is to update DICOM Viewer to version 2025.2 or later.
CVE-2025-1002 is a medium-severity update integrity issue in MicroDicom DICOM Viewer. CISA says the application does not adequately verify the update server's certificate, which could let an attacker in a privileged network position intercept and modify update traffic and deliver a malicious update. MicroDicom's remediation is to upgrade to DICOM Viewer version 2025.1.