CVE-2025-31946

Sažetak

Pixmeo OsiriX MD is vulnerable to a local use after free scenario, which could allow an attacker to locally import a crafted DICOM file and cause memory corruption or a system crash.

Reference

https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-128-01
https://www.osirix-viewer.com/about/contact/
https://www.osirix-viewer.com/osirix/osirix-md/

CVSS

Base:	6.2
Impact:	3.6
Exploitability:	2.5

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
NONE	NONE	HIGH

CVSS vektor

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Zadnje važnije ažuriranje

12-05-2025 - 17:32

Objavljeno

08-05-2025 - 23:15