Vulnerabilities in OFFIS DCMTK

Vulnerabilities affecting the DCMTK software that processes Digital Imaging and Communications in Medicine (DICOM) image files

Threat ID:: CC-4120
Threat Severity:: Low
Published:: 24 June 2022 4:22 PM

Report a cyber attack: call 0300 303 5222 or email [email protected]

Summary

Vulnerabilities affecting the DCMTK software that processes Digital Imaging and Communications in Medicine (DICOM) image files

Affected platforms

The following platforms are known to be affected:

Versions: prior to 3.6.7

OFFIS DCMTK

Threat details

Introduction

CISA has released a medical advisory for OFFIS DCMTK, which includes vulnerabilities affecting the DCMTK software that processes Digital Imaging and Communications in Medicine (DICOM) image files. Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service (DoS) condition, write malformed DICOM files into arbitrary directories, and gain remote code execution.

Remediation advice

Affected organisations should review the ICS Medical Advisory (ICSMA-22-174-01) OFFIS DCMTK, the DCMTK security advisory and apply the necessary updates to the latest release.

CISA recommends the following workarounds to reduce the risk:

Minimise network exposure for all control system devices and/or systems, and ensure they are not accessible from the Internet.
Locate control system networks and remote devices behind firewalls and isolate them from the business network.
When remote access is required, use secure methods, such as Virtual Private Networks (VPNs), recognising VPNs may have vulnerabilities and should be updated to the most current version available. Also recognise VPN is only as secure as its connected devices.

Definitive source of threat updates

CVE Vulnerabilities

Status Reserved

CVE-2022-2119

Status Reserved

CVE-2022-2120

Status Reserved

CVE-2022-2121

Last edited: 24 June 2022 4:29 pm