Mirion Medical has released patches for five high-severity vulnerabilities affecting its radiation safety and medical-imaging management products.
What happened
TechTarget has reported that Mirion Medical has released security patches to address five high-severity vulnerabilities in its EC2 Software NMIS BioDose platform. The flaws affect versions of the software before v23.0 (notably v22.02 and earlier).
Going deeper
The five vulnerabilities, tracked as CVE-2025-64298, CVE-2025-61940, CVE-2025-62575, CVE-2025-64642, and CVE-2025-64778, expose various security weaknesses.
- CVE-2025-64298 stems from insecure default settings. When the embedded Microsoft SQL Server Express is used in networked installs, a Windows shared directory becomes exposed, allowing clients access to the SQL Server database and configuration files, potentially leaking sensitive data.
- CVE-2025-64642 relates to insecure file permissions in installation directories, which can allow users on client workstations to modify program executables or libraries.
- CVE-2025-62575 arises because some default SQL user accounts are given sysadmin-level privileges, which, under certain circumstances, could allow remote code execution.
- CVE-2025-64778 involves hard-coded plaintext passwords embedded in the software binaries. If an attacker discovers these, they could be used to compromise the application or database.
- CVE-2025-61940 concerns the use of client-side authentication: while the client application prompts for a password, the underlying common SQL Server account always has access, creating a backdoor for potential unauthorized access.
These vulnerabilities represent a combination of insecure defaults, over-privileged accounts, exposed SQL shares, and poor credential management: the sort of “low-hanging fruit” that attackers look for.
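Three of the five weaknesses described above (sysadmin-level SQL accounts, a broadly accessible Windows share, and writable installation directories) are configuration conditions an administrator can audit on their own server. The PowerShell script below is an added example, not Mirion Medical's code and not from the TechTarget report; the instance name `.\SQLEXPRESS`, the share name `BioDoseShare` and the path `C:\Program Files\NMIS BioDose` are placeholders, to be replaced with the values from your own installation. It runs with Windows authentication against the local SQL Server Express instance, so it needs to be run by an account that can already read `sys.server_principals`.

```powershell
# Added audit example; not Mirion Medical's code and not from the TechTarget report.
# Every name below is a placeholder to replace with your own: the SQL Server
# Express instance, the Windows share name and the installation directory.
param(
    [string]$SqlInstance = ".\SQLEXPRESS",                    # placeholder instance
    [string]$ShareName   = "BioDoseShare",                    # placeholder share
    [string]$InstallDir  = "C:\Program Files\NMIS BioDose"    # placeholder path
)

$findings = New-Object System.Collections.Generic.List[string]

# 1) Over-privileged accounts: every login that is a member of the sysadmin
#    fixed server role. On an application server only DBAs should appear here.
$conn = New-Object System.Data.SqlClient.SqlConnection
$conn.ConnectionString = "Server=$SqlInstance;Integrated Security=True;"
try {
    $conn.Open()
    $cmd = $conn.CreateCommand()
    $cmd.CommandText = @"
SELECT p.name, p.type_desc
FROM sys.server_principals AS p
WHERE p.type IN ('S', 'U', 'G')
  AND IS_SRVROLEMEMBER('sysadmin', p.name) = 1;
"@
    $reader = $cmd.ExecuteReader()
    while ($reader.Read()) {
        $findings.Add("sysadmin member: $($reader['name']) [$($reader['type_desc'])]")
    }
    $reader.Close()
}
finally {
    $conn.Close()
}

# 2) Exposed share: share-level permissions granted to broad principals.
$broad = 'Everyone|Authenticated Users|\\Users$|Domain Users'
$share = Get-SmbShare -Name $ShareName -ErrorAction SilentlyContinue
if ($share) {
    Get-SmbShareAccess -Name $ShareName |
        Where-Object { $_.AccessControlType -eq 'Allow' -and $_.AccountName -match $broad } |
        ForEach-Object {
            $findings.Add("share '$ShareName' ($($share.Path)) grants $($_.AccessRight) to $($_.AccountName)")
        }
}

# 3) Writable install directory: NTFS ACEs that let broad principals write,
#    which is the condition that lets executables and libraries be replaced.
if (Test-Path -LiteralPath $InstallDir) {
    $writeBits = [System.Security.AccessControl.FileSystemRights]::Write
    foreach ($ace in (Get-Acl -LiteralPath $InstallDir).Access) {
        if ($ace.AccessControlType -eq 'Allow' -and
            $ace.IdentityReference.Value -match $broad -and
            (($ace.FileSystemRights -band $writeBits) -ne 0)) {
            $findings.Add("'$InstallDir' grants $($ace.FileSystemRights) to $($ace.IdentityReference)")
        }
    }
}

if ($findings.Count -eq 0) { "No findings." } else { $findings }
```

Each finding maps to one of the advisory's conditions: a sysadmin member that is not a DBA account, a share that `Everyone` or `Authenticated Users` can read, or an install directory that ordinary users can write to. The hard-coded passwords and the client-side password prompt cannot be detected from configuration; those two require the vendor's v23.0 update.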
What was said
According to TechTarget, CISA has warned that “successful exploitation of these vulnerabilities could allow an attacker to modify program executables, gain access to sensitive information, gain unauthorized access to the application, and execute arbitrary code.”
In other news
According to SecurityWeek, earlier this year, researchers disclosed a critical vulnerability in Orthanc Server, a widely used open-source DICOM platform, that could allow remote, unauthenticated access to sensitive medical imaging data and potentially disrupt healthcare operations. The flaw, tracked as CVE-2025-0896, occurs because basic authentication is not enabled by default when remote access is turned on, leaving exposed servers open to data manipulation, deletion of imaging files, or service outages. Security experts warned that exploitation could result in altered patient records or missing diagnostic images, posing serious risks to patient safety. The Orthanc team urged users to upgrade to version 1.5.8 or later and to manually enable authentication if remote access is required. The incident highlights ongoing security challenges in medical imaging systems and underscores the importance of proper configuration and timely patching across healthcare environments.
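The Orthanc weakness is a two-key interaction in its JSON configuration: `RemoteAccessAllowed` opens the HTTP server to non-local clients, and `AuthenticationEnabled` decides whether those clients must authenticate. The function below is an added example, not the Orthanc project's code; the three key names are real Orthanc configuration options, while the two JSON documents it is run against are constructed samples and the user name and password in the hardened one are placeholders.

```powershell
# Added example; not the Orthanc project's code. RemoteAccessAllowed,
# AuthenticationEnabled and RegisteredUsers are real Orthanc configuration
# keys; the two JSON documents below are constructed samples.
function Test-OrthancAuthConfig {
    param([Parameter(Mandatory)][string]$Json)

    $cfg    = $Json | ConvertFrom-Json
    $remote = [bool]$cfg.RemoteAccessAllowed     # absent key is treated as false
    $auth   = [bool]$cfg.AuthenticationEnabled   # absent key is treated as false
    $users  = 0
    if ($null -ne $cfg.RegisteredUsers) {
        $users = @($cfg.RegisteredUsers.PSObject.Properties).Count
    }

    if (-not $remote) {
        return "OK: RemoteAccessAllowed is false; only local clients can reach the HTTP server."
    }
    if (-not $auth) {
        return "WEAK: remote access is on but AuthenticationEnabled is false; the REST API and web interface accept unauthenticated requests."
    }
    if ($users -eq 0) {
        return "WARN: authentication is on but RegisteredUsers is empty; add at least one user."
    }
    return "OK: remote clients must use HTTP basic authentication ($users registered user(s))."
}

# Constructed sample: the combination the advisory describes.
$weak = @'
{ "Name": "Orthanc", "RemoteAccessAllowed": true, "AuthenticationEnabled": false }
'@

# Constructed sample: remote access kept, authentication enabled, one user.
$hardened = @'
{ "Name": "Orthanc", "RemoteAccessAllowed": true, "AuthenticationEnabled": true,
  "RegisteredUsers": { "pacs-reader": "REPLACE-WITH-STRONG-PASSWORD" } }
'@

Test-OrthancAuthConfig -Json $weak       # WEAK: ...
Test-OrthancAuthConfig -Json $hardened   # OK: ...

# Against a live install (placeholder path):
# Test-OrthancAuthConfig -Json (Get-Content -Raw 'C:\path\to\orthanc.json')
```

One caveat when pointing this at a real file: the configuration Orthanc generates contains comments, which `ConvertFrom-Json` in Windows PowerShell 5.1 rejects and PowerShell 7 accepts, so run it under PowerShell 7 or strip the comments first.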
Why it matters
Both incidents show how weaknesses in authentication, configuration, and software design can expose sensitive patient data, disrupt clinical workflows, or even undermine diagnostic accuracy. If exploited, the flaws could allow attackers to alter or delete imaging records, interfere with radiation-dose tracking, or shut down systems relied on for timely diagnoses and treatment decisions. Together, the two stories point to the systemic fragility of medical-imaging infrastructure and the need for healthcare organizations to prioritize patching, secure configurations, and continuous monitoring to safeguard patient safety and operational continuity.
FAQs
What products are affected by these vulnerabilities?
The vulnerabilities affect Mirion Medical’s EC2 Software NMIS BioDose platform, used widely in nuclear medicine and radiology departments for radiation dose management, patient scheduling, inventory control, and billing.
How severe are the vulnerabilities?
The vulnerabilities are classified as high severity and include risks such as unauthorized access, exposure of sensitive patient data, privilege escalation, and potential remote code execution.
What are the main risks if these vulnerabilities are exploited?
Exploitation could allow attackers to access confidential medical data, modify or delete radiation dose records, execute malicious code on affected systems, or disrupt clinical workflows, potentially compromising patient safety.