Critical Orthanc Server Vulnerability Puts Medical Imaging Data at Risk
A critical vulnerability (CVE-2025-0896) has been discovered in Orthanc Server, an open-source lightweight DICOM server widely used for medical imaging in healthcare facilities worldwide. This security flaw requires immediate attention from healthcare organizations to protect sensitive patient data and ensure continuous care delivery.
What is Orthanc Server?
Orthanc Server is a microservice designed for medical imaging that acts as a DICOM server, allowing healthcare providers to store, manage, and share medical imaging data. An open-source project based in Belgium, it has been adopted globally throughout the healthcare and public health sector.
The Vulnerability
The critical vulnerability (CVE-2025-0896) stems from a default configuration issue: basic authentication is not enabled by default when remote access is activated. This oversight affects all Orthanc Server versions prior to 1.5.8 and has been assigned a CVSS v4 score of 9.2, reflecting its severity.
Risks and Impact
The exploitation of this vulnerability could lead to several serious consequences:
Unauthorized access to sensitive medical imaging data
Potential modification or deletion of critical X-ray images and patient records
Possible disruption of healthcare operations through denial-of-service conditions
Compromise of patient care due to tampered or unavailable medical images
Potential HIPAA violations and regulatory compliance issues
According to security researchers, over 600 instances of vulnerable Orthanc servers are currently exposed to the internet, creating a significant attack surface for potential exploitation.
How to Remediate
Healthcare organizations using Orthanc Server should take immediate action:
Update to the latest version (1.5.8 or newer)
If immediate updating is not possible, enable HTTP authentication by setting "AuthenticationEnabled": true in the Orthanc configuration file
Implement recommended security measures:
Place control system networks behind firewalls
Isolate medical imaging systems from business networks
Use secure methods like VPNs when remote access is required
Regularly audit system configurations and access controls
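To support the configuration audit recommended above, here is an added example (not code from the advisory or from the Orthanc project) that checks an Orthanc configuration file for the exposure pattern behind CVE-2025-0896: remote access allowed without HTTP authentication. It assumes the standard Orthanc JSON configuration keys "RemoteAccessAllowed", "AuthenticationEnabled" and "RegisteredUsers"; the two sample configurations are constructed for illustration.

```python
"""Audit an Orthanc configuration for the CVE-2025-0896 exposure pattern:
remote access allowed while HTTP authentication is not enabled."""
import json

FIXED_VERSION = (1, 5, 8)  # first release no longer affected, per the advisory


def parse_version(version: str) -> tuple:
    """Turn a dotted version such as '1.5.7' into (1, 5, 7) for comparison."""
    return tuple(int(part) for part in version.split("."))


def is_affected_version(version: str) -> bool:
    """True for every Orthanc release prior to 1.5.8."""
    return parse_version(version) < FIXED_VERSION


def load_orthanc_config(text: str) -> dict:
    """Orthanc accepts // line comments in its JSON config; drop whole-line
    comments before parsing (URLs inside string values are left untouched)."""
    lines = [ln for ln in text.splitlines() if not ln.strip().startswith("//")]
    return json.loads("\n".join(lines))


def audit_config(text: str) -> list:
    """Return a list of findings; an empty list means the checked settings are sound.
    An absent AuthenticationEnabled is treated as not enabled, which matches the
    pre-1.5.8 behaviour the advisory describes and is the conservative reading."""
    cfg = load_orthanc_config(text)
    findings = []
    remote = cfg.get("RemoteAccessAllowed", False)
    auth = cfg.get("AuthenticationEnabled", False)
    users = cfg.get("RegisteredUsers", {})
    if remote and not auth:
        findings.append("RemoteAccessAllowed is true but AuthenticationEnabled is not true")
    if auth and not users:
        findings.append("AuthenticationEnabled is true but RegisteredUsers is empty")
    return findings


# Constructed sample: the weak configuration described in the advisory.
WEAK_CONFIG = """{
  // remote access on, authentication never enabled
  "Name": "imaging-archive",
  "HttpPort": 8042,
  "RemoteAccessAllowed": true
}"""

# Constructed sample: remote access only with HTTP authentication and a user.
HARDENED_CONFIG = """{
  "Name": "imaging-archive",
  "HttpPort": 8042,
  "RemoteAccessAllowed": true,
  "AuthenticationEnabled": true,
  "RegisteredUsers": { "pacs-reader": "PLACEHOLDER-change-me" }
}"""
```

Run audit_config over each server's configuration file alongside is_affected_version on the installed release to find hosts that still need the update or the interim configuration change.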
How CinchOps Can Help
As your trusted security partner, CinchOps can assist healthcare organizations in:
Conducting thorough vulnerability assessments
Implementing secure configurations and authentication measures
Establishing network segmentation and access controls
Providing continuous monitoring for potential security threats
Ensuring compliance with healthcare security regulations
Developing incident response plans for potential breaches
Don’t wait until your medical imaging systems are compromised.
Discover more about our enterprise-grade, business-protecting cybersecurity services on our Cybersecurity page.
Contact CinchOps today for your FREE Security Assessment.