Video of the talk "How to Hack Medical Imaging Applications via DICOM" by Maria Nedyak
https://www.youtube.com/watch?v=8eXrZLTgy6Q&t=8460
During our research of NVIDIA Clara (healthcare application framework for AI-powered imaging, genomics, and for the development and deployment of smart sensors) we have found several vulnerabilities in popular components, widely used by the Medical Imaging pipelines:
- ORTHANC - CSRF with remote code execution
- DCMTK
- DoS xml2dcm utility
- DoS dcm2xml utility
- XXE injection in xml2dcm utility
- DoS xml2dcm utility
- Insecure functionality in xml2dcm utility
- SimpleITK
- Heap buffer overflow
- Buffer overflow
More information about HackingOdyssey AI Security research: https://github.com/sdnewhop/AISec
No comments:
Post a Comment