Orthanc DICOM Flaws Expose Medical Systems to Crashes and RCE

Cyber Threat Intelligence has flagged critical vulnerabilities within the Orthanc software, a popular open-source PACS server used for managing medical imaging data. The identified flaws, detailed in a report, could allow attackers to crash the service or even achieve Remote Code Execution (RCE) on vulnerable systems. This is a serious concern for any healthcare provider relying on Orthanc for their DICOM (Digital Imaging and Communications in Medicine) data management.

The vulnerabilities stem from improper handling of DICOM metadata and object parsing. Attackers could craft malicious DICOM files or exploit specific network interactions to trigger these flaws. The potential impact ranges from denial-of-service conditions, rendering critical medical imaging unavailable, to the much more severe outcome of RCE, granting attackers full control over the affected server. This could lead to data exfiltration, system manipulation, or further lateral movement within a healthcare network.

Given the sensitive nature of Protected Health Information (PHI) stored in PACS systems, the implications of such vulnerabilities are profound. Healthcare organizations are prime targets for various threat actors due to the value of patient data on the black market. Exploiting Orthanc could be a gateway to compromising patient records, disrupting clinical operations, and potentially holding systems hostage.

What This Means For You

  • Healthcare organizations utilizing Orthanc must immediately review and apply any available patches or security updates provided by the Orthanc project maintainers. If patching is not immediately feasible, implement network segmentation to isolate Orthanc servers and restrict inbound traffic to only trusted sources. Monitor network traffic for anomalous DICOM activity.
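To make the "restrict inbound traffic to trusted sources" and "monitor for anomalous DICOM activity" advice concrete, here is an added example (not code from Orthanc or from the report) that parses the fixed header of a DICOM A-ASSOCIATE-RQ PDU and flags associations whose AE titles are not on an allowlist or whose framing is malformed; the AE titles in the allowlist are constructed placeholders.

```python
import struct
from dataclasses import dataclass

# Constructed allowlist of trusted modalities (placeholder AE titles, not from the page).
TRUSTED_AE_TITLES = {"CT_SCANNER_1", "MR_SCANNER_2", "ORTHANC"}


@dataclass
class AssociateRequest:
    called_ae: str
    calling_ae: str
    protocol_version: int


def parse_associate_rq(pdu: bytes) -> AssociateRequest:
    """Parse the fixed part of an A-ASSOCIATE-RQ PDU (DICOM PS3.8, 9.3.2).

    Layout: type(1)=0x01, reserved(1), length(4, big-endian), protocol version(2),
    reserved(2), called AE title(16), calling AE title(16), reserved(32), items...
    Raises ValueError on anything outside the standard's fixed layout so a
    monitor can alert instead of silently forwarding a malformed association.
    """
    if len(pdu) < 74:
        raise ValueError("PDU shorter than the fixed A-ASSOCIATE-RQ header")
    pdu_type, _, length = struct.unpack(">BBI", pdu[:6])
    if pdu_type != 0x01:
        raise ValueError(f"not an A-ASSOCIATE-RQ (type 0x{pdu_type:02x})")
    if length != len(pdu) - 6:
        raise ValueError(f"length field {length} does not match payload {len(pdu) - 6}")
    version = struct.unpack(">H", pdu[6:8])[0]
    called, calling = pdu[10:26], pdu[26:42]
    for name, raw in (("called", called), ("calling", calling)):
        if not all(0x20 <= b < 0x7F for b in raw):  # AE titles are printable ASCII
            raise ValueError(f"{name} AE title contains non-printable bytes")
    return AssociateRequest(called.decode("ascii").strip(), calling.decode("ascii").strip(), version)


def assess_association(pdu: bytes, local_ae: str, trusted: set = TRUSTED_AE_TITLES) -> str:
    """Return 'accept' or a reason string a monitor would log or alert on."""
    try:
        req = parse_associate_rq(pdu)
    except ValueError as exc:
        return f"malformed: {exc}"
    if req.called_ae != local_ae:
        return f"wrong called AE title {req.called_ae!r}"
    if req.calling_ae not in trusted:
        return f"untrusted calling AE title {req.calling_ae!r}"
    return "accept"


def build_associate_rq(called: str, calling: str, version: int = 1, items: bytes = b"") -> bytes:
    """Build a minimal A-ASSOCIATE-RQ (constructed sample for testing; no real items)."""
    body = struct.pack(">HH", version, 0) + called.ljust(16).encode() + calling.ljust(16).encode() + bytes(32) + items
    return struct.pack(">BBI", 0x01, 0, len(body)) + body
```

Run it against captured association requests (for example from a span port in front of the PACS segment) and alert on anything other than "accept".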