Vulnerability-Lookup

FKIE_CVE-2025-1001

Vulnerability from fkie_nvd - Published: 2025-02-21 01:15 - Updated: 2025-02-21 01:15

Severity ?

5.7 (Medium) - CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Summary

Medixant RadiAnt DICOM Viewer is vulnerable due to failure of the update mechanism to verify the update server's certificate which could allow an attacker to alter network traffic and carry out a machine-in-the-middle attack (MITM). An attacker could modify the server's response and deliver a malicious update to the user.

References

	URL	Tags
	ics-cert@hq.dhs.gov	https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-051-01
	ics-cert@hq.dhs.gov	https://www.radiantviewer.com/files/RadiAnt-2025.1-Setup.exe

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Medixant RadiAnt DICOM Viewer is vulnerable due to failure of the update mechanism to verify the update server\u0027s certificate which could allow an attacker to alter network traffic and carry out a machine-in-the-middle attack (MITM). An attacker could modify the server\u0027s response and deliver a malicious update to the user."
    },
    {
      "lang": "es",
      "value": "Medixant RadiAnt DICOM Viewer es vulnerable debido a una falla del mecanismo de actualizaci\u00f3n para verificar el certificado del servidor de actualizaci\u00f3n, lo que podr\u00eda permitir que un atacante altere el tr\u00e1fico de la red y lleve a cabo un ataque de tipo m\u00e1quina intermedia (MITM). Un atacante podr\u00eda modificar la respuesta del servidor y enviar una actualizaci\u00f3n maliciosa al usuario."
    }
  ],
  "id": "CVE-2025-1001",
  "lastModified": "2025-02-21T01:15:09.533",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 5.7,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 2.1,
        "impactScore": 3.6,
        "source": "ics-cert@hq.dhs.gov",
        "type": "Secondary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "PRESENT",
          "attackVector": "ADJACENT",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 5.7,
          "baseSeverity": "MEDIUM",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "NONE",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "userInteraction": "ACTIVE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "NONE",
          "vulnConfidentialityImpact": "NONE",
          "vulnIntegrityImpact": "HIGH",
          "vulnerabilityResponseEffort": "NOT_DEFINED"
        },
        "source": "ics-cert@hq.dhs.gov",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-02-21T01:15:09.533",
  "references": [
    {
      "source": "ics-cert@hq.dhs.gov",
      "url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-051-01"
    },
    {
      "source": "ics-cert@hq.dhs.gov",
      "url": "https://www.radiantviewer.com/files/RadiAnt-2025.1-Setup.exe"
    }
  ],
  "sourceIdentifier": "ics-cert@hq.dhs.gov",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-295"
        }
      ],
      "source": "ics-cert@hq.dhs.gov",
      "type": "Secondary"
    }
  ]
}

CVE-2025-1001 (GCVE-0-2025-1001)

Vulnerability from cvelistv5 – Published: 2025-02-21 00:48 – Updated: 2025-02-21 21:28

Title

Medixant RadiAnt DICOM Viewer Improper Certificate Validation

Summary

Severity ?

5.7 (Medium)


                        
                          CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N

5.7 (Medium)


                        
                          CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

CWE

CWE-295 - Improper Certificate Validation

Assigner

icscert

References

URL

Tags

	https://www.cisa.gov/news-events/ics-medical-advi…
	https://www.radiantviewer.com/files/RadiAnt-2025.…

Impacted products

	Vendor	Product	Version
	Medixant	RadiAnt DICOM Viewer	Affected: 2024.02

Credits

Sharon Brizinov of Claroty Team82 reported this vulnerability to CISA.

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-1001",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-02-21T15:44:30.371666Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-21T21:28:49.043Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "RadiAnt DICOM Viewer",
          "vendor": "Medixant",
          "versions": [
            {
              "status": "affected",
              "version": "2024.02"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "finder",
          "value": "Sharon Brizinov of Claroty Team82 reported this vulnerability to CISA."
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eMedixant RadiAnt DICOM Viewer is vulnerable due to failure of the update mechanism to verify the update server\u0027s certificate which could allow an attacker to alter network traffic and carry out a machine-in-the-middle attack (MITM). An attacker could modify the server\u0027s response and deliver a malicious update to the user.\u003c/span\u003e"
            }
          ],
          "value": "Medixant RadiAnt DICOM Viewer is vulnerable due to failure of the update mechanism to verify the update server\u0027s certificate which could allow an attacker to alter network traffic and carry out a machine-in-the-middle attack (MITM). An attacker could modify the server\u0027s response and deliver a malicious update to the user."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "PRESENT",
            "attackVector": "ADJACENT",
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "privilegesRequired": "NONE",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "NONE",
            "subConfidentialityImpact": "NONE",
            "subIntegrityImpact": "NONE",
            "userInteraction": "ACTIVE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N",
            "version": "4.0",
            "vulnAvailabilityImpact": "NONE",
            "vulnConfidentialityImpact": "NONE",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        },
        {
          "cvssV3_1": {
            "attackComplexity": "LOW",
            "attackVector": "ADJACENT_NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 5.7,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N",
            "version": "3.1"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-295",
              "description": "CWE-295 Improper Certificate Validation",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-02-21T00:48:52.489Z",
        "orgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
        "shortName": "icscert"
      },
      "references": [
        {
          "url": "https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-051-01"
        },
        {
          "url": "https://www.radiantviewer.com/files/RadiAnt-2025.1-Setup.exe"
        }
      ],
      "solutions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eMedixant recommends users download the \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.radiantviewer.com/files/RadiAnt-2025.1-Setup.exe\"\u003ev2025.1 or later version\u003c/a\u003e\u0026nbsp;of their software.\u003c/p\u003e\u003cbr\u003e"
            }
          ],
          "value": "Medixant recommends users download the  v2025.1 or later version https://www.radiantviewer.com/files/RadiAnt-2025.1-Setup.exe \u00a0of their software."
        }
      ],
      "source": {
        "advisory": "ICSMA-25-051-01",
        "discovery": "EXTERNAL"
      },
      "title": "Medixant RadiAnt DICOM Viewer Improper Certificate Validation",
      "workarounds": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cp\u003eIf users are unable to update to the new version, Medixant recommends the following:\u003c/p\u003e\u003cul\u003e\u003cli\u003eDisable\n the display of available updates via this command reg add \n\"HKCU\\Software\\RadiAnt Viewer\" /t REG_DWORD /v CheckUpdate /d 0 /f.\u003c/li\u003e\u003cli\u003eDo not check manually for updates (\"Check for updates now\" from the toolbar menu).\u003c/li\u003e\u003cli\u003eIgnore any update notifications coming from RadiAnt DICOM Viewer, download the latest version directly in the web browser from \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.radiantviewer.com/\"\u003ehttps://www.radiantviewer.com\u003c/a\u003e.\u003c/li\u003e\u003cli\u003eCheck the downloaded RadiAnt DICOM Viewer installation package with antivirus software before running it.\u003c/li\u003e\u003c/ul\u003e\n\n\u003cbr\u003e"
            }
          ],
          "value": "If users are unable to update to the new version, Medixant recommends the following:\n\n  *  Disable\n the display of available updates via this command reg add \n\"HKCU\\Software\\RadiAnt Viewer\" /t REG_DWORD /v CheckUpdate /d 0 /f.\n  *  Do not check manually for updates (\"Check for updates now\" from the toolbar menu).\n  *  Ignore any update notifications coming from RadiAnt DICOM Viewer, download the latest version directly in the web browser from  https://www.radiantviewer.com https://www.radiantviewer.com/ .\n  *  Check the downloaded RadiAnt DICOM Viewer installation package with antivirus software before running it."
        }
      ],
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "7d14cffa-0d7d-4270-9dc0-52cabd5a23a6",
    "assignerShortName": "icscert",
    "cveId": "CVE-2025-1001",
    "datePublished": "2025-02-21T00:48:52.489Z",
    "dateReserved": "2025-02-03T18:33:02.870Z",
    "dateUpdated": "2025-02-21T21:28:49.043Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

FKIE_CVE-2025-1001

CVE-2025-1001 (GCVE-0-2025-1001)

Tags

Sightings

Nomenclature