CVE-2025-1001

MEDIUM

Medixant RadiAnt DICOM Viewer - MITM

Title source: llm

Description

Medixant RadiAnt DICOM Viewer is vulnerable due to failure of the update mechanism to verify the update server's certificate which could allow an attacker to alter network traffic and carry out a machine-in-the-middle attack (MITM). An attacker could modify the server's response and deliver a malicious update to the user.

References (2)

[Various Sources] https://www.radiantviewer.com/files/RadiAnt-2025.1-Setup.exe

[Third Party Advisory, US Government Resource] https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-051-01

Scores

CVSS v3 5.7

EPSS 0.0001

EPSS Percentile 2.3%

Attack Vector ADJACENT_NETWORK

CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact partial

Details

CWE

CWE-295

Status published

Products (1)

Medixant/RadiAnt DICOM Viewer 2024.02

Published Feb 21, 2025

Tracked Since Feb 18, 2026