CVE-2025-1002

CVSS 3.1 Score 5.7 of 10 (medium)

Details

Published Feb 10, 2025

CWE ID 295

Summary

CVE-2025-1002 is a vulnerability affecting MicroDicom DICOM Viewer version 2024.03. The issue lies in the software's inability to properly verify the update server's certificate. An attacker in a privileged network position can exploit this weakness and carry out a Man-in-the-Middle (MITM) attack. They can manipulate network traffic and deliver a malicious update to users, putting their systems at risk. This vulnerability underscores the importance of secure certificate verification for maintaining the integrity and security of software updates.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/2dvgqH
https://www.cve.org/CVERecord?id=CVE-2025-1002
https://nvd.nist.gov/vuln/detail/CVE-2025-1002

Back to Vulnerability Database

CVE-2025-1002

CVSS 3.1 Score 5.7 of 10 (medium)

Details

Summary

Advisories, Assessments, and Mitigations