CVE-2025-1002
MicroDicom DICOM Viewer Improper Certificate Validation
MicroDicom DICOM Viewer version 2024.03
fails to adequately verify the update server's certificate, which could make it possible for attackers in a privileged network position to alter network traffic and carry out a machine-in-the-middle (MITM) attack. This allows the attackers to modify the server's response and deliver a malicious update to the user.
CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
Produtos afetados
MicroDicom · DICOM ViewerQuer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →