ICSMA-22-174-01 · Published 2022-06-23 · View on CISA ICS-CERT ↗

OFFIS DCMTK

CVSS 7.5 HIGH

Risk Summary

Successful exploitation of these vulnerabilities could allow an attacker to cause a denial-of-service condition, write malformed DICOM files into arbitrary directories, and gain remote code execution.

CVEs (3)

CVE-2022-2119 CVE-2022-2120 CVE-2022-2121

Remediations

OFFIS recommends all users update to Version 3.6.7 or later. For more information see Bug #1021

Affected Vendors

OFFIS

Affected Products (1)

OFFIS · DCMTK < 3.6.7

Affected Sectors

Healthcare and Public Health

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more