Orthanc, a widely used open-source Digital Imaging and Communications in Medicine (DICOM) server, is now under scrutiny after researchers uncovered nine critical security vulnerabilities. These flaws, tracked as CVE-2026-5437 to CVE-2026-5445, could allow cyber attackers to crash systems, leak sensitive healthcare data, and even execute remote code.

According to an advisory released by the CERT Coordination Center, these vulnerabilities primarily arise from poor input validation, missing security safeguards, and unsafe memory handling practices. As a result, attackers can exploit these weaknesses in multiple ways, putting healthcare IT environments at serious risk.

Orthanc has gained popularity due to its lightweight architecture and its ability to process and analyze medical images without relying on complex infrastructure. However, this same simplicity has exposed critical weaknesses in its core parsing and decoding components.

One of the major issues identified involves an out-of-bounds read vulnerability within the meta-header parser. Because the system does not adequately validate input data, attackers can manipulate requests to access unintended areas of memory. Consequently, this could expose sensitive information stored within the system.

In addition, researchers highlighted a dangerous GZIP decompression bomb vulnerability. In this case, the server allocates memory based on attacker-controlled metadata without enforcing proper limits. As a result, threat actors can exhaust system memory, leading to service disruption. Similarly, a related flaw in ZIP archive processing allows attackers to force the system into allocating excessively large buffers, further increasing the risk of denial-of-service (DoS) attacks.

Moreover, the HTTP server component within Orthanc is also affected. It directly allocates memory based on user-supplied header values. Therefore, malicious actors can craft requests with unusually large values to trigger system crashes.
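The decompression-bomb and ZIP flaws above and the HTTP header flaw share one root cause: a size taken from attacker-controlled input is used to allocate memory before any limit is checked. The following added example is not Orthanc's code and does not reproduce its internals; it shows the defensive pattern in Python for both cases, using the standard library's zlib. The cap values (`MAX_DECOMPRESSED`, `MAX_BODY`, `CHUNK`), the sample archives and the header strings are all constructed for this demonstration, and the gzip trailer's ISIZE field is used only to illustrate that an archive's self-reported length is untrusted metadata.

```python
"""Bounding attacker-controlled sizes before allocating.

Added example, not Orthanc's code. Two defensive patterns for the flaw
classes the advisory describes:
  1. Decompress GZIP input without trusting the length the archive claims,
     enforcing a hard cap on the output actually produced.
  2. Parse a Content-Length header strictly and reject values above a
     configured limit before any body buffer is allocated.
Cap values and sample inputs are constructed for this demonstration.
"""
import gzip
import zlib

MAX_DECOMPRESSED = 1 * 1024 * 1024  # 1 MiB output cap (assumed policy value)
MAX_BODY = 64 * 1024                # 64 KiB request-body cap (assumed policy)
CHUNK = 64 * 1024                   # output one inflate step may add at most


class SizeLimitExceeded(Exception):
    """Raised when input would exceed a configured size cap."""


def claimed_gzip_size(data: bytes) -> int:
    """Return the ISIZE field of the gzip trailer (last 4 bytes, little
    endian, uncompressed length mod 2**32). Whoever built the archive wrote
    it, so it is attacker-controlled and must never be used to size a buffer."""
    if len(data) < 18:  # 10-byte header + 8-byte trailer is the minimum
        raise ValueError("not a complete gzip member")
    return int.from_bytes(data[-4:], "little")


def safe_gunzip(data: bytes, max_output: int = MAX_DECOMPRESSED) -> bytes:
    """Stream-decompress, growing the output incrementally and aborting as
    soon as the cap is crossed, so a decompression bomb costs at most
    max_output + CHUNK bytes of memory whatever the trailer claims."""
    d = zlib.decompressobj(wbits=zlib.MAX_WBITS | 16)  # +16 selects gzip framing
    out = bytearray()
    buf = data
    while not d.eof:
        piece = d.decompress(buf, CHUNK)  # max_length bounds this step's output
        out += piece
        if len(out) > max_output:
            raise SizeLimitExceeded(
                f"decompressed output exceeds {max_output} bytes "
                f"(archive claimed {claimed_gzip_size(data)})")
        buf = d.unconsumed_tail  # compressed input zlib has not consumed yet
        if not piece and not buf:
            raise ValueError("truncated gzip stream")  # input ended before EOF marker
    return bytes(out)


def parse_content_length(value: str, max_body: int = MAX_BODY) -> int:
    """Strictly parse a Content-Length header value: ASCII digits only (no
    sign, hex prefix, exponent, underscore or embedded whitespace) and reject
    anything above max_body before a body buffer is allocated."""
    v = value.strip(" \t")  # optional whitespace around the field value
    if not v or not v.isascii() or not v.isdigit():
        raise ValueError(f"malformed Content-Length: {value!r}")
    n = int(v)  # cannot overflow in Python; in C/C++ check the integer width too
    if n > max_body:
        raise SizeLimitExceeded(f"Content-Length {n} exceeds cap {max_body}")
    return n


def rejects(fn, *args) -> bool:
    """True if fn(*args) is refused with one of the expected errors."""
    try:
        fn(*args)
    except (ValueError, SizeLimitExceeded, zlib.error):
        return True
    return False


def build_samples() -> tuple:
    """Constructed inputs: a benign archive and a decompression bomb whose
    4 MiB of zeros compress to a few KiB."""
    return (gzip.compress(b"hello dicom"),
            gzip.compress(b"\0" * (4 * 1024 * 1024)))


if __name__ == "__main__":
    benign, bomb = build_samples()
    print("benign archive ->", safe_gunzip(benign))
    print("bomb claims", claimed_gzip_size(bomb), "bytes; rejected:",
          rejects(safe_gunzip, bomb))
    print("Content-Length 4096 ->", parse_content_length("4096"))
    print("Content-Length 9999999999 rejected:",
          rejects(parse_content_length, "9999999999"))
```

The point of `safe_gunzip` is that the cap is enforced on bytes actually produced, never on a length read from the input, and that the output buffer grows one bounded chunk at a time. `parse_content_length` applies the same idea to the header case: validate the syntax, compare against the limit, and only then let the caller allocate.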

Beyond these issues, additional vulnerabilities exist in proprietary compression formats and palette color image processing. These flaws could expose sensitive memory data, further amplifying the risk of data breaches. More critically, multiple heap buffer overflow vulnerabilities in the image decoding and parsing logic present the most severe threat.

“These issues, particularly heap-based buffer overflows, could allow attackers to crash the process and, under certain conditions, achieve remote code execution,” the advisory noted.

Importantly, all identified vulnerabilities affect Orthanc versions 1.12.0 and earlier. To mitigate these risks, users are strongly advised to upgrade to version 1.12.1, which includes necessary security fixes.

Overall, this discovery highlights the urgent need to strengthen cybersecurity in healthcare IT systems. Since medical imaging platforms handle highly sensitive patient data, any vulnerability can lead to severe consequences, including data breaches and operational disruptions. Therefore, organizations must prioritize timely updates, robust security practices, and continuous monitoring to safeguard their infrastructure.
