DNA View

CVE-2025-1001

Medium

Low Medium High Critical

5.7

CVSS Score

Published: Feb 21, 2025

Last Modified: Feb 21, 2025

CWE: CWE-295

Vulnerability Description

Medixant RadiAnt DICOM Viewer is vulnerable due to failure of the update mechanism to verify the update server's certificate which could allow an attacker to alter network traffic and carry out a machine-in-the-middle attack (MITM). An attacker could modify the server's response and deliver a malicious update to the user.

CVSS Metrics

Common Vulnerability Scoring System

Vector String:

CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Scope

Confidentiality

Integrity

Availability

References & Resources

Severity Details

5.7

out of 10.0

Medium

Weakness Type (CWE)

CWE-295 Top 25 #23

Improper Certificate Validation

Description: The product does not validate, or incorrectly validates, a certificate.
Typical Severity: High
OWASP Top 10: A02:2021-Cryptographic Failures
Abstraction Level: Base