CVE-2025-0896: 
Linux Debian vulnerability analysis and mitigation

A critical vulnerability identified as CVE-2025-0896 affects Orthanc server versions prior to 1.5.8. The vulnerability stems from the server's default configuration where basic authentication is not enabled when remote access is activated. Orthanc is an open-source DICOM server widely used in healthcare environments for managing and storing medical images. The vulnerability was discovered by Amitay Dan and reported to Orthanc, while Souvik Kandar reported it to CISA (CISA Advisory, Security Online).

The vulnerability has been assigned a CVSS v3.1 base score of 9.8 with the vector string (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H), and a CVSS v4 base score of 9.2 with the vector string (AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N). The vulnerability is classified as CWE-306 (Missing Authentication for Critical Function), where the server fails to implement basic authentication by default when remote access is enabled (CISA Advisory).

The vulnerability could lead to unauthorized access to sensitive patient data, including medical images and associated information. Successful exploitation could allow attackers to disclose sensitive information, modify records, or cause denial-of-service conditions. The impact is particularly significant in healthcare environments where the confidentiality and integrity of medical records are crucial (Security Online, CISA Advisory).

Orthanc has released version 1.5.8 to address this vulnerability. Users are recommended to update to the latest version or enable HTTP authentication by setting the configuration 'AuthenticationEnabled': true in the configuration file. Additional mitigation measures include minimizing network exposure, implementing firewalls to isolate control system networks from business networks, and using secure methods like VPNs for remote access when required (CISA Advisory).