← Back to home
ICSMA-25-037-02  ·  Published 2025-02-06  ·  View on CISA ICS-CERT ↗

Orthanc Server

CVSS 9.8 CRITICAL

Risk Summary

Successful exploitation of this vulnerability could allow an attacker to disclose sensitive information, modify records, or cause a denial-of-service condition.

CVEs (1)

Remediations

  • Orthanc recommends that customers update to the latest version or enable the HTTP authentication by setting the configuration "AuthenticationEnabled": true in the configuration file.

Affected Vendors

Orthanc

Affected Products (1)

Orthanc · Orthanc server <1.5.8

Affected Sectors

Healthcare and Public Health

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more