CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2025-5943: MicroDicom DICOM Viewer Out-of-bounds Write

8.6 CVSS

Description

MicroDicom

DICOM Viewer suffers from an out-of-bounds write vulnerability. Remote attackers are able to exploit this issue to potentially execute arbitrary code on affected installations of DICOM Viewer. User interaction is required to exploit the vulnerability in that the user must either visit a malicious website or open a malicious DICOM file locally.

Classification

CVE ID: CVE-2025-5943

CVSS Base Severity: HIGH

CVSS Base Score: 8.6

CVSS Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Problem Types

CWE-787 Out-of-bounds Write

Affected Products

Vendor: MicroDicom

Product: DICOM Viewer

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.18% (probability of being exploited)

EPSS Percentile: 39.67% (scored less or equal to compared to others)

EPSS Date: 2025-06-21 (when was this score calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-5943
https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-160-01

Timeline

2025-06-10 16:15:39 UTC
All CISA Advisories

MicroDicom DICOM Viewer
2025-06-10 23:40:15 UTC
CVE

MicroDicom DICOM Viewer Out-of-bounds Write