CVE-2025-25474

CVSS 3.1 Score 6.5 of 10 (medium)

Details

Published Feb 18, 2025
Updated: Feb 20, 2025
CWE ID 120

Summary

CVE-2025-25474 is a newly discovered buffer overflow vulnerability affecting DCMTK v3.6.9 and later versions, specifically the DEV component and the /dcmimgle/diinpxt.h file. Attackers can exploit this weakness by providing malicious input that exceeds the intended buffer size, potentially leading to unintended code execution and system compromise. This vulnerability poses a significant risk to organizations using DCMTK for medical imaging and requires urgent patching.
