Security Bulletin
This security bulletin contains information about 3 vulnerabilities.
EUVDB-ID: #VU109795
Risk: High
CVSSv4.0: 6.6 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-27578
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
Description:
The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error. A remote attacker can upload a specially crafted DICOM file and cause a denial of service condition on the target system.
Mitigation:
Install updates from vendor's website.
Vulnerable software versions:
OsiriX MD: 14.0.1 (2024-02-28)
External links:
https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-128-01
https://www.osirix-viewer.com/about/contact/
https://www.osirix-viewer.com/osirix/osirix-md/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU109796
Risk: Low
CVSSv4.0: 4.6 [CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2025-31946
CWE-ID:
CWE-416 - Use After Free
Exploit availability: No
Description:
The vulnerability allows a local attacker to perform a denial of service (DoS) attack.
The vulnerability exists due to a use-after-free error. A local attacker can upload a specially crafted DICOM file and cause a denial of service condition on the target system.
Mitigation:
Install updates from vendor's website.
Vulnerable software versions:
OsiriX MD: 14.0.1 (2024-02-28)
External links:
https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-128-01
https://www.osirix-viewer.com/about/contact/
https://www.osirix-viewer.com/osirix/osirix-md/
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU109799
Risk: High
CVSSv4.0: 4.6 [CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Amber]
CVE-ID: CVE-2025-27720
CWE-ID:
CWE-319 - Cleartext Transmission of Sensitive Information
Exploit availability: No
Description:
The vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists because the software uses an insecure communication channel to transmit sensitive information. A remote attacker can gain access to sensitive data.
Mitigation:
Install updates from vendor's website.
Vulnerable software versions:
OsiriX MD: 14.0.1 (2024-02-28)
External links:
https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-128-01
https://www.osirix-viewer.com/about/contact/
https://www.osirix-viewer.com/osirix/osirix-md/
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.