
Multiple Vulnerabilities in Softneta MedDream PACS

The critical vulnerability could allow an unauthenticated attacker to remotely execute arbitrary code


Summary

The critical vulnerability could allow an unauthenticated attacker to remotely execute arbitrary code


Affected platforms

The following platforms are known to be affected:

Threat details

Introduction

The US Cyber Security and Infrastructure Agency (CISA) has released a security advisory addressing one critical and one medium-severity vulnerability in Softneta MedDream PACS.

These vulnerabilities could allow an attacker to obtain and leak plaintext credentials or remotely execute arbitrary code.


Vulnerability details

  • CVE-2023-40150 - CWE-749 - EXPOSED DANGEROUS METHOD OR FUNCTION

In MedDream PACS v7.2.8.810 and prior, the product does not perform an authentication check and performs some dangerous functionality, which could result in unauthenticated remote code execution. A CVSS v3 base score of 9.8 has been calculated.

  • CVE-2023-39227 - CWE-256 - PLAINTEXT STORAGE OF A PASSWORD

In MedDream PACS v7.2.8.810 and prior, the product stores usernames and passwords in plaintext. The plaintext storage could be abused by attackers to leak legitimate users' credentials. A CVSS v3 base score of 6.1 has been calculated.


Remediation advice

Affected organisations are encouraged to review the US Cyber Security and Infrastructure Agency (CISA) medical advisory classified ICSMA-23-248-01 and apply any relevant updates.

Softneta recommends users update to v7.2.9.820 of MedDream PACS Server or patch their current system using Fix-v230712.

For assistance or additional information about installing the software, please contact Softneta directly.

CISA recommends users take defensive measures to minimise the risk of exploitation of these vulnerabilities. Specifically, users should:

  • Minimise network exposure for all control system devices and/or systems, and ensure they are not accessible from the Internet.
  • Locate control system networks and remote devices behind firewalls and isolate them from business networks.
  • When remote access is required, use secure methods, such as virtual private networks (VPNs), recognising that VPNs may have vulnerabilities and should be updated to the most current version available. Also recognise that a VPN is only as secure as its connected devices.
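
The remediation advice above can be turned into a triage pass over an asset inventory. The following is an added example, not code from Softneta, CISA or this advisory; the inventory format, the hostnames and the assumption that applied patches are recorded per host are all constructed for illustration, and the advisory does not say how to detect Fix-v230712 on a system.

```python
import re

AFFECTED_MAX = (7, 2, 8, 810)  # "v7.2.8.810 and prior" per the advisory
FIXED_MIN = (7, 2, 9, 820)     # fixed release named in the advisory
PATCH_NAME = "Fix-v230712"     # vendor patch named in the advisory

# Constructed sample inventory: (host, version, patches applied, internet-facing)
INVENTORY = [
    ("pacs-a.example", "v7.2.8.810", (), True),
    ("pacs-b.example", "7.2.7.100", ("Fix-v230712",), False),
    ("pacs-c.example", "7.2.9.820", (), False),
    ("pacs-d.example", "7.2.9.100", (), False),
]

def parse_version(text):
    """Turn 'v7.2.8.810' or '7.2.8.810' into a 4-tuple of ints, else None."""
    m = re.fullmatch(r"v?(\d+)\.(\d+)\.(\d+)\.(\d+)", text.strip())
    return tuple(int(g) for g in m.groups()) if m else None

def triage(version_text, patches=(), internet_facing=False):
    """Return (status, actions) for one MedDream PACS server record."""
    version = parse_version(version_text)
    actions = []
    if version is None:
        status = "unknown"
        actions.append("confirm installed version manually")
    elif version >= FIXED_MIN:
        status = "fixed"
    elif PATCH_NAME in patches:
        status = "patched"
    elif version <= AFFECTED_MAX:
        status = "vulnerable"
        actions.append(f"update to v7.2.9.820 or apply {PATCH_NAME}")
    else:
        # Builds between the two versions are not classified by the advisory.
        status = "unknown"
        actions.append("ask Softneta whether this build contains the fix")
    if internet_facing:
        actions.append("remove internet exposure; place behind a firewall")
    return status, actions

def report(inventory):
    """Map each host to its triage result."""
    return {host: triage(v, p, exposed) for host, v, p, exposed in inventory}

if __name__ == "__main__":
    for host, (status, actions) in report(INVENTORY).items():
        print(f"{host}: {status}", "; ".join(actions))
```

Builds that fall between v7.2.8.810 and v7.2.9.820 are reported as unknown rather than guessed, since the advisory does not classify them.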


Last edited: 7 September 2023 4:01 pm