- Description
- Medixant RadiAnt DICOM Viewer is vulnerable due to failure of the update mechanism to verify the update server's certificate which could allow an attacker to alter network traffic and carry out a machine-in-the-middle attack (MITM). An attacker could modify the server's response and deliver a malicious update to the user.
- Source
- ics-cert@hq.dhs.gov
- NVD status
- Received
CVSS 4.0
- Type
- Secondary
- Base score
- 5.7
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- MEDIUM
CVSS 3.1
- Type
- Secondary
- Base score
- 5.7
- Impact score
- 3.6
- Exploitability score
- 2.1
- Vector string
- CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
- Severity
- MEDIUM
- ics-cert@hq.dhs.gov
- CWE-295
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
1
⚠️ Vulnerability Alert: Improper Certificate Validation in RadiAnt DICOM Viewer 📅 Timeline: Disclosure: April 25, 2024 Patch Released: July 24, 2024 📌 Attribution: Not specified 🆔 CVE ID: CVE-2025-1001 📊 Base Score: 5.7 📏 CVSS Metrics:… https://t.co/gbxmba6aqU
@syedaquib77
21 Feb 2025
20 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ Vulnerability Alert: Improper Certificate Validation 📅 Timeline: Disclosure: 2025-02-20, Patch: 2025-02-20 📌 Attribution: Reported by Sharon Brizinov of Claroty Team82 🆔cveId: CVE-2025-1001 📊baseScore: 5.7 📏cvssMetrics:… https://t.co/6MrezRrXtx
@syedaquib77
21 Feb 2025
16 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-1001 Certificate Validation Bypass in Medixant RadiAnt DICOM Viewer Update Mechanism https://t.co/28nuLzCoaI
@VulmonFeeds
21 Feb 2025
17 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-1001 Medixant RadiAnt DICOM Viewer is vulnerable due to failure of the update mechanism to verify the update server's certificate which could allow an attacker to alter netw… https://t.co/zMRFdntHRR
@CVEnew
21 Feb 2025
469 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Mozilla, la faille de Sécurité Firefox CVE-2025-1001 permet une exécution de code malveillant et des attaques de type phishing. https://t.co/eXemjKKLc4 #.Code Arbitraire à Distance #.Confidentialité #.Correctif #.Déni de service #.Faille #CERT
@NicolasCoolman
6 Feb 2025
14 Impressions
1 Retweet
2 Likes
0 Bookmarks
0 Replies
0 Quotes