
In a recent security advisory, MIM Software Inc. disclosed a high-severity vulnerability, CVE-2025-1701, affecting the MIM Admin service, a key component in medical imaging environments. This flaw opens the door for attackers with local access to execute arbitrary code with elevated privileges, posing serious risks in clinical and virtualized settings.
According to the advisory:
“An attacker could exploit this vulnerability by sending a specially crafted request over the RMI interface to execute arbitrary code with the privileges of the MIM Admin service.”
The vulnerable Remote Method Invocation (RMI) interface listens only on 127.0.0.1, meaning it’s not remotely accessible over the network. However, this does not eliminate risk entirely.
MIM Software cautions:
“In a properly configured hospital environment, an attacker must have already compromised the network and additionally compromised the system where the MIM Admin service is running.”
In other words, CVE-2025-1701 is a post-compromise escalation vector, ideal for threat actors who have already breached a local system or gained remote access through exposed services like RDP or application virtualization systems.
The vulnerability impacts the following versions of the MIM Admin Service:
- Versions before 7.2.13
- Versions before 7.3.8
- Versions before 7.4.3
According to the advisory, an attacker who successfully exploits this vulnerability “could execute arbitrary code with the privileges of the MIM Admin service.”
This level of access could enable attackers to tamper with medical imaging workflows, alter diagnostic data, or pivot deeper into hospital systems.
MIM Software urges users to upgrade to one of the following patched versions:
- 7.2.13+
- 7.3.8+
- 7.4.3+
If upgrading is not immediately possible, customers are advised to: “Block all connections to port 5981 on MIM client systems.”
For users not on a Fixed License, this action disables remote control of MIM services but mitigates the exploit vector. Fixed License users can contact MIM support to switch to a Local or Concurrent license to safely block the vulnerable port.
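A triage check for the version list and port-blocking mitigation above, written as an added example and not taken from MIM Software's advisory or tooling. It assumes version strings are dotted numbers, that each listed fix applies to its own 7.x branch, and that listener data comes from Windows `netstat -an` output; the sample output is constructed.

```python
import re

# Fixed release per branch and the port to block, both from the advisory text.
FIXED = {(7, 2): 13, (7, 3): 8, (7, 4): 3}
MITIGATION_PORT = 5981
LOOPBACK = {"127.0.0.1", "::1"}
LISTEN_RE = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+\S+\s+LISTENING", re.I)

# Constructed sample of Windows `netstat -an` output (not from a real host).
SAMPLE_NETSTAT = """\
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    127.0.0.1:5981         0.0.0.0:0              LISTENING
  TCP    10.20.30.40:5981       0.0.0.0:0              LISTENING
  TCP    10.20.30.40:49712      10.20.30.5:5981        ESTABLISHED
"""

def is_affected(version):
    """True if a dotted version such as '7.3.5' predates its branch's fix.

    Assumption: branches older than 7.2 fall under 'before 7.2.13', and
    branches newer than 7.4 are not listed as affected.
    """
    parts = [int(p) for p in version.split(".")]
    major, minor, patch = (parts + [0, 0, 0])[:3]
    branch = (major, minor)
    if branch < min(FIXED):
        return True
    if branch > max(FIXED):
        return False
    return patch < FIXED[branch]

def exposed_listeners(netstat_text, port=MITIGATION_PORT):
    """Return non-loopback local addresses with a TCP listener on `port`."""
    exposed = []
    for line in netstat_text.splitlines():
        m = LISTEN_RE.match(line)
        if m and int(m.group(2)) == port:
            addr = m.group(1).strip("[]")
            if addr not in LOOPBACK:
                exposed.append(addr)
    return exposed

def triage(version, netstat_text):
    """Summarise one host: patch status plus any non-loopback listener."""
    return {"affected": is_affected(version),
            "exposed_5981": exposed_listeners(netstat_text)}

if __name__ == "__main__":
    print(triage("7.3.5", SAMPLE_NETSTAT))
```

A host reported as affected needs the upgrade or, failing that, the port 5981 block; a non-empty `exposed_5981` list means a listener on that port is bound beyond loopback and the firewall rule should be verified.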