{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-07-01T01:00:27.740","vulnerabilities":[{"cve":{"id":"CVE-2024-22100","sourceIdentifier":"ics-cert@hq.dhs.gov","published":"2024-03-01T01:15:07.330","lastModified":"2026-06-17T07:10:42.840","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"\n\n\n\n\nMicroDicom DICOM Viewer versions 2023.3 (Build 9342) and prior are affected by a heap-based buffer overflow vulnerability, which could allow an attacker to execute arbitrary code on affected installations of DICOM Viewer. A user must open a malicious DCM file in order to exploit the vulnerability.\n\n\n\n\n\n"},{"lang":"es","value":"MicroDicom DICOM Viewer versiones 2023.3 (compilación 9342) y anteriores se ven afectadas por una vulnerabilidad de desbordamiento de búfer de almacenamiento dinámico, que podría permitir a un atacante ejecutar código arbitrario en instalaciones afectadas de DICOM Viewer. Un usuario debe abrir un archivo DCM malicioso para poder explotar la vulnerabilidad."}],"affected":[{"source":"ics-cert@hq.dhs.gov","affectedData":[{"vendor":"MicroDicom","product":"DICOM Viewer","defaultStatus":"unaffected","versions":[{"version":"0","lessThanOrEqual":" 2023.3 (Build 9342)","versionType":"custom","status":"affected"}]}]},{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","affectedData":[{"vendor":"microdicom","product":"dicom_viewer","defaultStatus":"unknown","cpes":["cpe:2.3:a:microdicom:dicom_viewer:*:*:*:*:*:*:*:*"],"versions":[{"version":"0","lessThanOrEqual":"2023.3_build_9342","versionType":"custom","status":"affected"}]}]}],"metrics":{"cvssMetricV31":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9},{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"REQUIRED","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}],"ssvcV203":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","ssvcData":{"timestamp":"2024-03-04T20:39:49.457575Z","id":"CVE-2024-22100","options":[{"exploitation":"none"},{"automatable":"no"},{"technicalImpact":"total"}],"role":"CISA Coordinator","version":"2.0.3"}}]},"weaknesses":[{"source":"ics-cert@hq.dhs.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-122"}]},{"source":"nvd@nist.gov","type":"Secondary","description":[{"lang":"en","value":"CWE-787"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microdicom:dicom_viewer:*:*:*:*:*:*:*:*","versionEndExcluding":"2024.1","matchCriteriaId":"FCB759EB-FAF5-4952-ABEB-0DAC418A5846"}]}]}],"references":[{"url":"https://www.cisa.gov/news-events/ics-medical-advisories/icsma-24-060-01","source":"ics-cert@hq.dhs.gov","tags":["US Government Resource"]},{"url":"https://www.cisa.gov/news-events/ics-medical-advisories/icsma-24-060-01","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["US Government Resource"]}]}}]}