The Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding a certificate validation vulnerability in RadiAnt DICOM Viewer, a widely used medical imaging software. This flaw could expose healthcare organizations to man-in-the-middle (MITM) attacks, potentially compromising sensitive patient data.
Understanding the RadiAnt DICOM Viewer Vulnerability
The vulnerability (CVE-2023-XXXX) stems from improper certificate validation in RadiAnt DICOM Viewer versions prior to 2023.2. This medical imaging software, developed by Medixant, fails to properly verify TLS certificates when establishing connections, making it susceptible to interception of medical data in transit.
Technical Breakdown
- Vulnerability Type: Improper Certificate Validation (CWE-295)
- Affected Versions: All versions before 2023.2
- CVSS Score: 7.4 (High)
- Attack Vector: Network
- Impact: Data confidentiality and integrity compromise
Why This Matters for Healthcare Cybersecurity
RadiAnt DICOM Viewer is deployed in:
- Hospitals
- Radiology clinics
- Research institutions
- Telemedicine platforms
The software handles sensitive DICOM (Digital Imaging and Communications in Medicine) files containing:
- Patient medical images (X-rays, MRIs, CT scans)
- Protected health information (PHI)
- Personally identifiable information (PII)
Potential Attack Scenarios
- Medical Data Interception: Attackers could intercept unencrypted DICOM files during transmission
- Malware Injection: Compromised connections could deliver malicious payloads
- Data Manipulation: Altered medical images could lead to misdiagnoses
Mitigation Steps Recommended by CISA
Immediate Actions
- Upgrade to RadiAnt DICOM Viewer 2023.2 or later
- Implement network segmentation for medical imaging systems
- Monitor for unusual network activity involving DICOM transmissions
Long-term Security Measures
- Deploy certificate pinning for medical imaging applications
- Conduct regular vulnerability assessments of medical software
- Train staff on recognizing potential MITM attack indicators
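The following is an added example (not code from the CISA alert, RadiAnt or Medixant) showing, with Python's standard ssl module, the client configuration that produces a CWE-295 condition like the one described above, beside the hardened form CISA's guidance points to: chain validation, hostname matching and the certificate pinning recommended in the long-term measures. The hostname, port and pin values are assumed placeholders.

```python
"""Weak vs. hardened TLS client configuration for a DICOM-over-TLS peer."""
import hashlib
import socket
import ssl
from typing import Optional, Set

PACS_HOST = "pacs.example.invalid"  # assumption: constructed placeholder
PACS_PORT = 2762                    # assumption: dicom-tls port registered with IANA


def weak_context() -> ssl.SSLContext:
    """The CWE-295 pattern: the link is encrypted, but any certificate is
    accepted, so an interposed host can present its own cert and read or
    alter every DICOM object in transit."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False          # must be cleared before CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def hardened_context(cafile: Optional[str] = None) -> ssl.SSLContext:
    """Chain validation against a trust store plus hostname matching;
    cafile lets an imaging network anchor trust in its own private CA."""
    ctx = ssl.create_default_context(cafile=cafile)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.check_hostname = True
    ctx.verify_mode = ssl.CERT_REQUIRED
    return ctx


def is_verifying(ctx: ssl.SSLContext) -> bool:
    """Configuration check: True only if the peer cert is both required
    and matched against the expected hostname."""
    return ctx.verify_mode == ssl.CERT_REQUIRED and bool(ctx.check_hostname)


def cert_fingerprint(der_cert: bytes) -> str:
    """SHA-256 over the DER certificate; the value a pin is compared to."""
    return hashlib.sha256(der_cert).hexdigest()


def pin_matches(der_cert: bytes, pins: Set[str]) -> bool:
    """Pinning: reject even a chain-valid certificate unless its fingerprint
    is on the allow-list (keep a backup pin so rotation does not break clients)."""
    return cert_fingerprint(der_cert) in pins


def connect_pinned(host: str, port: int, pins: Set[str], cafile: Optional[str] = None) -> bool:
    """Open a verified TLS session and enforce the pin before any DICOM
    association request is sent; True only when both checks pass."""
    ctx = hardened_context(cafile)
    with socket.create_connection((host, port), timeout=5) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            der = tls.getpeercert(binary_form=True)
            return der is not None and pin_matches(der, pins)
```

Running is_verifying() against the context an application actually builds is a quick way to confirm, during the version check and compatibility testing described later, that the viewer-side configuration is not silently in the weak state.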
Vendor Response and Patch Availability
Medixant has released version 2023.2 with proper certificate validation. Healthcare IT administrators should:
- Verify current RadiAnt version
- Schedule emergency patching windows
- Test new version compatibility with existing systems
Best Practices for Healthcare IT Security
- Implement defense-in-depth strategies for medical imaging systems
- Encrypt all DICOM transmissions regardless of viewer capabilities
- Maintain an up-to-date inventory of medical software assets
Regulatory Implications
This vulnerability may impact compliance with:
- HIPAA Security Rule
- HITECH Act
- GDPR for European healthcare providers
Organizations should document mitigation efforts for compliance audits.