CVE-2024-42845 — AI Deep Analysis Summary

🚨 **Essence**: InVesalius (v3.1.99991-3.1.99998) suffers from **Eval Injection** via DICOM files.…

🛡️ **Root Cause**: **Eval Injection**. The software fails to sanitize input when processing DICOM files, allowing code execution commands to be injected and evaluated by the application engine.

👥 **Affected**: Users of **InVesalius 3.1.99991 through 3.1.99998**. This is an open-source 3D medical imaging reconstruction software. 🖥️ Tested primarily on **Windows**.

💀 **Attacker Capabilities**: **Remote Code Execution (RCE)**. Hackers gain the same privileges as the user running InVesalius. They can run any command, install malware, or steal sensitive medical data. 📂

🔓 **Exploitation Threshold**: **Low**. No authentication is required. The attack vector is **Social Engineering**: simply getting the victim to open a crafted `.dcm` (DICOM) file is enough to trigger the exploit. 🎣

🔥 **Public Exploit**: **YES**. POCs and exploits are publicly available on GitHub (e.g., `partywavesec/invesalius3_vulnerabilities`). Wild exploitation is highly likely given the ease of delivery. ⚠️

🔍 **Self-Check**: 1. Check your InVesalius version (must be between 3.1.99991 and 3.1.99998). 2. Scan for suspicious DICOM files in your inbox. 3.…

🩹 **Official Fix**: The vendor (InVesalius) has released updates. Check the [official GitHub releases](https://github.com/invesalius/invesalius3/releases) for the patched version. Update immediately! 📥

🚧 **No Patch Workaround**: **Do not open DICOM files** from untrusted sources. If you must use the vulnerable version, run it in a **sandboxed environment** or **VM** to isolate potential code execution. 🛑

🚨 **Urgency**: **CRITICAL**. High severity due to **RCE** and **easy exploitation** via file opening. Immediate patching or isolation is required for all medical professionals using this software. 🏥