CVE-2025-64642

High CVSS: 7.1

NMIS/BioDose V22.02 and previous versions' installation directory paths by default have insecure file permissions, which in certain deployment scenarios can enable users on client workstations to modify the program executables and libraries.

Vendor

Mirion

Product

Biodose\/nmis

CWE

CWE-732

Yayın Tarihi

2025-12-02 21:15:52

Güncelleme

2026-01-02 20:59:39

Source Identifier

ics-cert@hq.dhs.gov

KEV Date Added

Kategoriler

CWE-732 Biodose\/nmis HIGH Mirion 2025

Referanslar

https://www.cisa.gov/news-events/ics-medical-advisories/icsma-25-336-01

Benzer Kayıtlar

High

CVE-2025-62575

NMIS/BioDose V22.02 and previous versions rely on a Microsoft SQL Server database. The SQL user account 'nmdbuser' and o…

High

CVE-2025-64298

NMIS/BioDose V22.02 and previous version installations where the embedded Microsoft SQLServer Express is used are expose…

High

CVE-2025-64778

NMIS/BioDose software V22.02 and previous versions contain executable binaries with plain text hard-coded passwords. The…

High

CVE-2025-61940

NMIS/BioDose V22.02 and previous versions rely on a common SQL Server user account to access data in the database. User…