OTPulse

Medixant RadiAnt DICOM Viewer

Monitor · 5.7 · ICS-CERT ICSMA-25-051-01 · Feb 20, 2025
Attack Vector: Adjacent
Auth Required: None
Complexity: Low
User Interaction: Required
Summary

RadiAnt DICOM Viewer version 2024.02 contains an improper certificate validation vulnerability (CWE-295) in its update mechanism: the client does not verify the identity of the update server it connects to. An attacker on the same network could therefore intercept the software's update communications and deliver a malicious installation package without any user-visible sign of tampering. Both the automatic update check and the manual update retrieval function are affected. Exploitation requires the attacker to be on the same network segment as the workstation and the user to trigger, or accept, an update.

What this means
What could happen
An attacker on the same network could intercept RadiAnt updates and deliver malicious software to the workstation, potentially compromising medical imaging data or diagnostic workflows.
Who's at risk
Healthcare facilities operating diagnostic imaging workflows with RadiAnt DICOM Viewer, particularly those using version 2024.02 on workstations that are networked but not isolated from clinical staff networks.
How it could be exploited
An attacker must be on the same network segment (AV:A) and the user must interact with the software—likely by accepting a prompted update. The attacker intercepts the update connection and serves a malicious installer instead of the legitimate RadiAnt package.
Prerequisites
  • Attacker presence on the same network segment as the RadiAnt workstation
  • User interaction—the user must respond to an update prompt or manually check for updates
  • RadiAnt DICOM Viewer version 2024.02 (the only version listed as affected)
  • The update client does not validate the update server's TLS certificate, so a spoofed server is accepted
  • No authentication required for the update mechanism
  • Low complexity attack
  • Affects medical imaging: diagnostic accuracy depends on software integrity
  • Attacker needs network adjacency to the workstation, not internet access
  • No in-place patch exists for 2024.02: the fix is the 2025.1 release, and that installer should be obtained from the vendor site directly rather than through the vulnerable in-app updater
Exploitability
Low exploit probability (EPSS 0.0%)
Affected products (1)
Product | Affected Versions | Fix Status
RadiAnt DICOM Viewer | 2024.02 | Fixed in 2025.1
Remediation & Mitigation
Do now
WORKAROUND: Disable automatic update checks by running, in the context of each user who launches RadiAnt (the key lives under HKCU): reg add "HKCU\Software\RadiAnt Viewer" /t REG_DWORD /v CheckUpdate /d 0 /f
WORKAROUND: Do not use the in-application 'Check for updates now' feature; download updates from https://www.radiantviewer.com in a web browser, which does validate the site's certificate, and confirm the address bar shows that domain before downloading
HARDENING: Before running a downloaded RadiAnt installer, scan it with antivirus software and check whether it carries a valid digital signature (file Properties > Digital Signatures); a missing or invalid signature on an installer that arrived over the network is a red flag
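The two workarounds and the installer check above, as one PowerShell script added here (not from the advisory or from Medixant): it finds the installed RadiAnt version from the uninstall registry keys, sets the CheckUpdate value the advisory names and reads it back, and verifies a downloaded installer's Authenticode signature and SHA-256 before it is run. The DisplayName match, the expected signer name, the hash and the sample file name are assumptions to be confirmed locally.

```powershell
# Added example, not part of the advisory or of Medixant's software: audit a
# workstation for the affected RadiAnt version, apply the HKCU registry
# workaround, and vet an installer obtained out of band before it is run.
# Assumptions: the Add/Remove Programs entry's DisplayName starts with
# "RadiAnt"; the expected signer name and SHA-256 are supplied by the admin.

function Get-RadiAntInstall {
    # Check the 64-bit, 32-bit and per-user uninstall hives.
    $hives = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
    )
    Get-ItemProperty -Path $hives -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -like 'RadiAnt*' } |
        Select-Object -First 1 -Property DisplayName, DisplayVersion, InstallLocation
}

function Test-RadiAntNeedsUpgrade {
    param([Parameter(Mandatory)][string]$DisplayVersion)
    # The advisory lists 2024.02 as affected and 2025.1 as the fixed release.
    # Treating anything below 2025.1 as needing the upgrade is this example's
    # assumption; '2024.02' parses as version 2024.2.
    return ([version]$DisplayVersion) -lt [version]'2025.1'
}

function Disable-RadiAntUpdateCheck {
    # Same effect as the advisory's command:
    #   reg add "HKCU\Software\RadiAnt Viewer" /t REG_DWORD /v CheckUpdate /d 0 /f
    # HKCU is per user, so run this as each user who opens RadiAnt.
    $key = 'HKCU:\Software\RadiAnt Viewer'
    if (-not (Test-Path $key)) { New-Item -Path $key -Force | Out-Null }
    Set-ItemProperty -Path $key -Name CheckUpdate -Value 0 -Type DWord
    # Read the value back so the caller gets verified state, not an assumption.
    return (Get-ItemProperty -Path $key -Name CheckUpdate).CheckUpdate -eq 0
}

function Test-RadiAntInstaller {
    param(
        [Parameter(Mandatory)][string]$Path,
        [string]$ExpectedSigner,   # assumed: substring of the vendor's signing certificate subject
        [string]$ExpectedSha256    # assumed: hash obtained from the vendor by a separate channel
    )
    $problems = @()
    $sig = Get-AuthenticodeSignature -FilePath $Path
    if ($sig.Status -ne 'Valid') {
        $problems += "Authenticode status is $($sig.Status)"
    } elseif ($ExpectedSigner -and $sig.SignerCertificate.Subject -notlike "*$ExpectedSigner*") {
        $problems += "unexpected signer: $($sig.SignerCertificate.Subject)"
    }
    if ($ExpectedSha256) {
        $actual = (Get-FileHash -Path $Path -Algorithm SHA256).Hash
        if ($actual -ne $ExpectedSha256.ToUpperInvariant()) { $problems += "SHA-256 is $actual" }
    }
    [pscustomobject]@{ Path = $Path; Ok = ($problems.Count -eq 0); Problems = $problems }
}

# Usage on one workstation:
$install = Get-RadiAntInstall
if ($install -and (Test-RadiAntNeedsUpgrade $install.DisplayVersion)) {
    "RadiAnt $($install.DisplayVersion) needs 2025.1; in-app update check disabled: $(Disable-RadiAntUpdateCheck)"
}
# After downloading the 2025.1 installer in a browser (file name, signer and hash are placeholders):
# Test-RadiAntInstaller -Path "$env:USERPROFILE\Downloads\radiant-setup.exe" -ExpectedSigner 'Medixant' -ExpectedSha256 '<hash>'
```

Run the audit part under each user account that opens the viewer, since both the workaround key and the per-user uninstall hive live under HKCU. The installer check deliberately treats a hash supplied by the same download channel as worthless; only a hash or signer identity obtained separately from the download adds assurance.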
Schedule — requires maintenance window

Patching may require device reboot — plan for process interruption

HOTFIX: Update RadiAnt DICOM Viewer to version 2025.1 or later
HARDENING: Restrict outbound network access from imaging workstations to only necessary destinations, blocking unauthorized update channels
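One concrete form of that outbound restriction, as an added example (not the advisory's guidance): a Windows Defender Firewall rule that blocks the RadiAnt executable from reaching public IPv4 space, where the update server lives, while leaving its intranet PACS traffic alone. The executable path is an assumption, the clinical network is assumed to be IPv4-only with RFC 1918 addressing, and a PACS reachable on a public address would need the ranges adjusted.

```powershell
# Added example, not part of the advisory: a host-firewall rule that stops the
# RadiAnt process itself from reaching public IPv4 addresses while leaving
# intranet PACS/archive traffic untouched.
# Assumptions: the path to the viewer's executable (check the InstallLocation
# shown in Add/Remove Programs), an IPv4-only clinical network, and an elevated
# session. Block rules win over allow rules in Windows Defender Firewall, so the
# rule is scoped to every non-RFC1918 range instead of pairing a broad block
# with an allow rule for the PACS.

function Set-RadiAntEgressBlock {
    param([Parameter(Mandatory)][string]$ProgramPath)  # assumed path to the viewer's .exe

    # Complement of 10/8, 172.16/12 and 192.168/16: everything else is treated as off-site.
    $publicRanges = @(
        '0.0.0.0-9.255.255.255',
        '11.0.0.0-172.15.255.255',
        '172.32.0.0-192.167.255.255',
        '192.169.0.0-255.255.255.255'
    )
    $name = 'RadiAnt: block outbound to public IPv4'
    # Remove a previous copy so the function is safe to rerun.
    Get-NetFirewallRule -DisplayName $name -ErrorAction SilentlyContinue | Remove-NetFirewallRule

    New-NetFirewallRule -DisplayName $name -Direction Outbound -Action Block -Profile Any `
        -Program $ProgramPath -RemoteAddress $publicRanges -Enabled True | Out-Null

    # Return the rule with its filters so the change can be verified and logged.
    $rule = Get-NetFirewallRule -DisplayName $name
    [pscustomobject]@{
        Rule    = $rule.DisplayName
        Enabled = $rule.Enabled
        Action  = $rule.Action
        Program = ($rule | Get-NetFirewallApplicationFilter).Program
        Remote  = ($rule | Get-NetFirewallAddressFilter).RemoteAddress
    }
}

# Usage (assumed path; confirm it against the actual install location first):
# Set-RadiAntEgressBlock -ProgramPath 'C:\Program Files\RadiAntViewer64bit\RadiAntViewer.exe'
```

A per-program rule like this is a stopgap on the workstation itself; it does not replace egress filtering at the network boundary, and it does nothing for IPv6, so add an equivalent entry if the clinical network carries IPv6.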
Long-term hardening
HARDENING: Segment medical imaging workstations onto a dedicated network separate from business networks