CVE-2024-42845
Last updated
Invesalius is open source software for the reconstruction of computed tomography and magnetic resonance images, available for Windows, GNU/Linux and Apple Mac OS X.
You can find more info about this 3D medical imaging reconstruction software at the following links:
DICOM is a standard file format widely used worldwide to store, exchange, and transmit medical images. DICOM files typically carry the .dcm extension.
DICOM files are central to the development of modern radiological imaging, as they incorporate standards for imaging modalities such as radiography, ultrasonography, computed tomography, magnetic resonance imaging, and radiation therapy.
This complex standard includes protocols for image exchange, image compression, 3D visualization, image presentation, and results reporting.
To properly edit and view DICOM files, third-party software is needed. One recommended tool is MicroDicom.
A Remote Code Execution (RCE) vulnerability exists in the DICOM file import procedure of Invesalius3. It affects all versions from 3.1.99991 to 3.1.99998.
Exploitation relies on a crafted DICOM file which, once imported into the victim's client application, allows an attacker to execute code on the victim's machine.
Disclaimer: I worked on this vulnerability with partywave.
Check out his work as well!
Invesalius3 versions from 3.1.99991 to 3.1.99998 (the second-latest release available at the time of writing) contain the following vulnerable function in the invesalius/reader/dicom.py script file.
This function is triggered whenever a new DICOM file is imported.
In particular, the position of the imported image is calculated from the coordinates stored in the Image Position attribute, the tag at position (0x020, 0x032).
A DICOM object contains several attributes that can be referenced using several notations. In this case the notation used is [hex-n, hex-n], where hex-n is the hexadecimal representation of a numerical index (group and element).
The coordinate values are separated by \ characters. An example is the following: 5.1\4.3\3.2.
Since the eval function is called on each value in that range, where each value is obtained by splitting on the \ characters, an attacker might inject a malicious Python payload after the last coordinate value (preceded by a \ character) so that the eval function executes it as Python code.
Notice that any , character in the payload is replaced with a . character, as line 441 suggests:
As previously stated, since the payload undergoes several syntax checks that may cause its , characters to be replaced with . characters, the handiest solution is to append a base64-encoded payload and decode it at runtime.
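A hardened parser for the (0020,0032) value, added here as an example and not Invesalius3's own code: it replaces the eval() call described above with strict Decimal String (DS) validation plus float(), keeps the comma-to-period normalisation the text mentions, and rejects any extra or non-numeric component instead of executing it. The regex is a simplified DS grammar assumed for this example.

```python
import re
from typing import Tuple

# Simplified grammar for the DICOM Decimal String (DS) value representation:
# optional sign, digits with optional fraction, optional exponent.
# Assumption for this example; the real VR also limits length to 16 bytes.
_DS_RE = re.compile(r"^[+-]?(\d+\.?\d*|\.\d+)([eE][+-]?\d+)?$")


def parse_image_position(raw: str) -> Tuple[float, float, float]:
    """Parse Image Position (Patient), tag (0020,0032), without eval().

    The attribute is a DS multi-value (VM 3): three decimal strings joined
    by backslashes, e.g. "5.1\\4.3\\3.2". Every component must match the DS
    grammar and is converted with float(); a trailing injected component,
    or any non-numeric text, raises ValueError instead of being evaluated.
    """
    parts = raw.strip().split("\\")
    if len(parts) != 3:
        raise ValueError(f"expected 3 coordinates, got {len(parts)}")
    coords = []
    for part in parts:
        # Mirror the comma-to-period normalisation the original code applies,
        # but only as a locale fix, before strict validation.
        part = part.strip().replace(",", ".")
        if not _DS_RE.match(part):
            raise ValueError(f"invalid DS component: {part!r}")
        coords.append(float(part))
    return coords[0], coords[1], coords[2]


def is_safe_image_position(raw: str) -> bool:
    """Return True if the value parses as exactly three DS numbers."""
    try:
        parse_image_position(raw)
        return True
    except ValueError:
        return False
```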
The payload had to be injected inside a valid DICOM file. There are several free examples available online, the one that we decided to use is MrBrain, which you can find here: Sample DICOM Files.
Finally, an interesting operational note: because the Python payload is appended after the genuine DICOM coordinates, the application executes it without crashing or showing any unexpected behaviour, so the attack goes unnoticed by the user.
The script below creates a specifically crafted DICOM payload for CVE-2024-42845.
You can find the proof of concept code in my repository: https://github.com/alessio-romano/Invesalius3_CVE-2024-42845
Remote Code Execution is gained once the DICOM file is imported inside the victim's client application.