CVE-2025-1001

MEDIUM Year: 2025
CVSS v3 Score
5.7
Medium
Weakness Type
CWE-295
View all →

Vulnerability Description

Medixant RadiAnt DICOM Viewer is vulnerable due to failure of the update mechanism to verify the update server's certificate which could allow an attacker to alter network traffic and carry out a machine-in-the-middle attack (MITM). An attacker could modify the server's response and deliver a malicious update to the user.

Related Vulnerabilities

CVE-2025-20670

MEDIUM
CVSS:5.7(Medium)

In Modem, there is a possible permission bypass due to improper certificate validation. This could lead to remote information disclosure, if a UE has connected to a rogue base station controlled by th...

CWE-2952025

CVE-2016-7171

MEDIUM
CVSS:5.6(Medium)

NetApp Plug-in for Symantec NetBackup prior to version 2.0.1 makes use of a non-unique server certificate, making it vulnerable to impersonation.

CWE-2952016

CVE-2017-2648

MEDIUM
CVSS:5.6(Medium)

It was found that jenkins-ssh-slaves-plugin before version 1.15 did not perform host key verification, thereby enabling Man-in-the-Middle attacks.

CWE-2952017

CVE-2018-1000151

MEDIUM
CVSS:5.6(Medium)

A man in the middle vulnerability exists in Jenkins vSphere Plugin 2.16 and older in VSphere.java that disables SSL/TLS certificate validation by default.

CWE-2952018

CVE-2018-8119

MEDIUM
CVSS:5.6(Medium)

A spoofing vulnerability exists when the Azure IoT Device Provisioning AMQP Transport library improperly validates certificates over the AMQP protocol, aka "Azure IoT SDK Spoofing Vulnerability." This...

CWE-2952018

CVE-2018-8479

MEDIUM
CVSS:5.6(Medium)

A spoofing vulnerability exists for the Azure IoT Device Provisioning for the C SDK library using the HTTP protocol on Windows platform, aka "Azure IoT SDK Spoofing Vulnerability." This affects C SDK.

CWE-2952018