CVE-2024-25569

Summary

An out-of-bounds read vulnerability exists in the RAWCodec::DecodeBytes functionality of Mathieu Malaterre Grassroot DICOM 3.0.23. A specially crafted DICOM file can lead to an out-of-bounds read. An attacker can provide a malicious file to trigger this vulnerability.

Affected Software

VendorProductVersion RangeStatus
Grassroot DICOMGrassroot DICOM3.0.23affected

Weaknesses

  • CWE-125: CWE-125: Out-of-bounds Read

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: yes
    • Technical Impact: partial

CVE Program Container

Additional References

References