GradeZero Music Band

Saturday, July 25, 2020

Vulnerabilities in AI Healthcare pipelines

Must see if you use/develop Artificial Intelligence in Healthcare and care about Cybersecurity and Privacy.

Video of the talk "How to Hack Medical Imaging Applications via DICOM" by Maria Nedyak

During our research of NVIDIA Clara (healthcare application framework for AI-powered imaging, genomics, and for the development and deployment of smart sensors) we have found several vulnerabilities in popular components, widely used by the Medical Imaging pipelines:

  • ORTHANC - CSRF with remote code execution
    • DoS xml2dcm utility
    • DoS dcm2xml utility
    • XXE injection in xml2dcm utility
    • DoS xml2dcm utility
    • Insecure functionality in xml2dcm utility
  • SimpleITK
    • Heap buffer overflow
    • Buffer overflow
More information about HackingOdyssey AI Security research:

No comments:

Post a Comment