CVE-2025-5943
HIGHMicroDicom DICOM Viewer - Out-of-Bounds Write Code Execution
Title source: manualDescription
MicroDicom DICOM Viewer suffers from an out-of-bounds write vulnerability. Remote attackers are able to exploit this issue to potentially execute arbitrary code on affected installations of DICOM Viewer. User interaction is required to exploit the vulnerability in that the user must either visit a malicious website or open a malicious DICOM file locally.
References (1)
Core 1
Core References
Third Party Advisory, US Government Resource
https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-160-01
Scores
CVSS v3
8.8
EPSS
0.0060
EPSS Percentile
44.0%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
none
Automatable
no
Technical Impact
total
Details
CWE
CWE-787
Status
published
Products (1)
MicroDicom/DICOM Viewer
< 2025.2 (Build 8154)
Published
Jun 10, 2025
Tracked Since
Feb 18, 2026