CVE-2023-40150
📋 TL;DR
Softneta MedDream PACS has a critical vulnerability that allows remote, unauthenticated attackers to execute arbitrary code. This affects all systems running vulnerable versions of the software, potentially compromising medical imaging data and system integrity.
💻 Affected Systems
- Softneta MedDream PACS
📦 What is this software?
MedDream PACS by Softneta is a picture archiving and communication system (PACS) used to store, view and share medical images.
⚠️ Risk & Real-World Impact
Worst Case
Complete system takeover, data theft, ransomware deployment, or disruption of medical services leading to patient harm.
Likely Case
Unauthorized access to sensitive medical data, installation of malware, or use of the system as a foothold for further attacks.
If Mitigated
Limited impact if network segmentation and strict access controls are in place, but risk remains high due to the unauthenticated nature.
🎯 Exploit Status
Exploitation is straightforward as it bypasses authentication, but no public proof-of-concept is confirmed.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Check vendor advisory for specific patched version.
Vendor Advisory: https://www.cisa.gov/news-events/ics-medical-advisories/icsma-23-248-01
Restart Required: Yes
Instructions:
1. Review the CISA advisory for details.
2. Contact Softneta for the latest patch.
3. Apply the patch following vendor instructions.
4. Restart the MedDream PACS service as required.
🔧 Temporary Workarounds
Network Segmentation
Isolate MedDream PACS systems from untrusted networks to limit exposure.
Access Control Lists
Restrict network access to the PACS service using firewalls or ACLs to trusted IPs only.
🧯 If You Can't Patch
- Implement strict network segmentation to isolate the system from other networks.
- Monitor logs and network traffic for unusual activity indicative of exploitation.
🔍 How to Verify
Check if Vulnerable:
Check the MedDream PACS version against the patched version listed in the vendor advisory.
Check Version:
Consult MedDream PACS documentation or interface for version information; no standard command provided.
Verify Fix Applied:
Verify the patch is applied by confirming the version matches the patched release and testing authentication requirements.
📡 Detection & Monitoring
Log Indicators:
- Unauthenticated access attempts to sensitive endpoints, unusual process executions, or error logs related to authentication failures.
Network Indicators:
- Unusual inbound traffic to MedDream PACS ports, especially from untrusted sources.
SIEM Query:
Example: 'source_ip NOT IN trusted_list AND destination_port = [PACS_PORT] AND event_type = "authentication_failure"'
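The SIEM pseudo-query above can be applied directly to exported logs. The following Python script is an added example, not part of this advisory or Softneta's software: it implements the same rule (authentication failures on the PACS port from sources outside a trusted list) over constructed sample log lines and then counts failures per untrusted source so that a single noisy address stands out. The log format, the port 8080 and the 10.0.5.0/24 trusted range are assumptions; replace them with the actual MedDream PACS port and your own trusted networks.

```python
import ipaddress
from collections import Counter

# Constructed sample log lines (NOT real MedDream PACS output).
# Assumed whitespace-separated fields: timestamp src_ip dst_port event_type path
SAMPLE_LOGS = """\
2023-09-05T10:00:01Z 10.0.5.12 8080 authentication_failure /login
2023-09-05T10:00:02Z 203.0.113.45 8080 authentication_failure /login
2023-09-05T10:00:03Z 203.0.113.45 8080 authentication_failure /login
2023-09-05T10:00:04Z 10.0.5.40 8080 authentication_success /viewer
2023-09-05T10:00:05Z 198.51.100.7 8080 authentication_failure /admin
2023-09-05T10:00:06Z 203.0.113.45 8080 authentication_failure /login
2023-09-05T10:00:07Z 203.0.113.45 443 authentication_failure /other
this line is malformed and must be skipped
"""

# Placeholder values (assumptions): the real PACS port and trusted ranges differ per site.
PACS_PORT = 8080
TRUSTED_NETWORKS = [ipaddress.ip_network("10.0.5.0/24")]


def parse_line(line):
    """Split one log line into a dict; return None for malformed lines."""
    parts = line.split()
    if len(parts) != 5:
        return None
    timestamp, src_ip, dst_port, event_type, path = parts
    try:
        return {
            "timestamp": timestamp,
            "src_ip": ipaddress.ip_address(src_ip),
            "dst_port": int(dst_port),
            "event_type": event_type,
            "path": path,
        }
    except ValueError:
        return None


def is_trusted(ip, trusted=TRUSTED_NETWORKS):
    """True if the source address falls inside any trusted network."""
    return any(ip in net for net in trusted)


def suspicious_events(log_text, pacs_port=PACS_PORT, trusted=TRUSTED_NETWORKS):
    """Apply the advisory's rule: untrusted source AND PACS port AND auth failure."""
    hits = []
    for raw in log_text.splitlines():
        event = parse_line(raw)
        if event is None:
            continue  # skip malformed lines instead of crashing the whole run
        if (
            not is_trusted(event["src_ip"], trusted)
            and event["dst_port"] == pacs_port
            and event["event_type"] == "authentication_failure"
        ):
            hits.append(event)
    return hits


def sources_over_threshold(events, threshold=3):
    """Count suspicious events per source and keep sources at or above threshold."""
    counts = Counter(str(e["src_ip"]) for e in events)
    return {ip: n for ip, n in counts.items() if n >= threshold}


if __name__ == "__main__":
    events = suspicious_events(SAMPLE_LOGS)
    for e in events:
        print(f"{e['timestamp']} {e['src_ip']} -> port {e['dst_port']} {e['path']}")
    print("sources over threshold:", sources_over_threshold(events))
```

On the constructed sample the rule matches four events (three from 203.0.113.45 and one from 198.51.100.7); the trusted-network failure, the success event, the failure on a non-PACS port and the malformed line are all ignored. The per-source threshold is what turns a raw match list into something worth alerting on: repeated failures from one untrusted address against the PACS port are the pattern to escalate, while a single stray failure is usually noise.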