CVE-2024-25578

7.8 HIGH

📋 TL;DR

MicroDicom DICOM Viewer versions 2023.3 and earlier contain a memory corruption vulnerability due to improper input validation. This could allow attackers to execute arbitrary code or crash the application. Healthcare organizations and medical imaging users running affected versions are at risk.

💻 Affected Systems

Products:
  • MicroDicom DICOM Viewer
Versions: 2023.3 (Build 9342) and prior versions
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: Primarily affects medical imaging environments; vulnerability exists in standard installations.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Remote code execution leading to complete system compromise, data theft, or ransomware deployment on medical imaging workstations.

🟠 Likely Case

Application crash causing denial of service, potentially disrupting medical imaging workflows and patient care.

🟢 If Mitigated

Limited impact with proper network segmentation and endpoint protection, possibly just application instability.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Memory corruption vulnerabilities typically require some exploit development; no public exploits confirmed.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Versions after 2023.3 (Build 9342)

Vendor Advisory: https://www.cisa.gov/news-events/ics-medical-advisories/icsma-24-060-01

Restart Required: Yes

Instructions:

1. Download the latest version from the MicroDicom website.
2. Uninstall the current version.
3. Install the updated version.
4. Restart the system.

🔧 Temporary Workarounds

Network Segmentation (platform: all)

Isolate DICOM viewers from untrusted networks and internet access.

Application Whitelisting (platform: windows)

Restrict execution to only approved applications and block unknown processes.

🧯 If You Can't Patch

  • Implement strict network access controls to limit exposure
  • Deploy endpoint detection and response (EDR) solutions with memory protection

🔍 How to Verify

Check if Vulnerable:

Check Help > About in MicroDicom Viewer; if version is 2023.3 or earlier, you are vulnerable.

Check Version:

Not applicable for GUI application; check via application interface.

Verify Fix Applied:

Verify version is newer than 2023.3 (Build 9342) in Help > About.

📡 Detection & Monitoring

Log Indicators:

  • Application crash logs
  • Unexpected memory access errors in system logs

Network Indicators:

  • Unusual network connections from DICOM viewer
  • Suspicious file transfers to/from viewer

SIEM Query:

(EventID=1000 OR EventID=1001) AND (Source='MicroDicom' OR ProcessName='MicroDicom.exe')
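
The same crash-log check run locally on a workstation, as an added example that is not part of the original advisory or vendor tooling. It reads Event IDs 1000 and 1001 from the Windows Application log, keeps those that mention MicroDicom.exe, and flags exception codes that indicate memory-safety faults. Assumptions: English-locale event text, a 30-day look-back window, and the process name from the query above.

```powershell
# Added example. Assumes English-locale "Application Error" message text.
$ProcessName = 'MicroDicom.exe'        # process name as given in the SIEM query above
$Since       = (Get-Date).AddDays(-30) # assumption: 30-day look-back window

# NTSTATUS codes that point to memory-safety faults rather than ordinary errors
$MemoryFaults = @{
    '0xc0000005' = 'ACCESS_VIOLATION'
    '0xc0000374' = 'HEAP_CORRUPTION'
    '0xc0000409' = 'STACK_BUFFER_OVERRUN'
}

# 1000 = Application Error, 1001 = Windows Error Reporting
$filter = @{ LogName = 'Application'; Id = 1000, 1001; StartTime = $Since }

Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
    Where-Object { $_.Message -match [regex]::Escape($ProcessName) } |
    ForEach-Object {
        $msg = $_.Message
        $version = $null; $module = $null; $code = $null; $fault = $null

        # Event 1000 text carries the faulting version, module and exception code;
        # Event 1001 records usually leave these fields empty.
        if ($msg -match 'Faulting application name: [^,]+, version: ([^,\s]+)') { $version = $Matches[1] }
        if ($msg -match 'Faulting module name: ([^,]+),')                       { $module  = $Matches[1] }
        if ($msg -match 'Exception code: (0x[0-9a-fA-F]+)')                     { $code    = $Matches[1].ToLower() }
        if ($code -and $MemoryFaults.ContainsKey($code))                        { $fault   = $MemoryFaults[$code] }

        [pscustomobject]@{
            TimeCreated = $_.TimeCreated
            Computer    = $_.MachineName
            EventId     = $_.Id
            AppVersion  = $version
            Module      = $module
            Exception   = $code
            MemoryFault = $fault
        }
    } |
    Sort-Object TimeCreated |
    Format-Table -AutoSize
```

Rows with a non-empty MemoryFault column correspond to the "unexpected memory access errors" indicator listed above; the AppVersion column shows which installed build was running when it crashed.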
