Picture Archiving and Communication System (PACS) servers are crucial for managing patient imaging data in medical institutions. This presentation explores the essential functions of PACS servers and the structure of DICOM (Digital Imaging and Communications in Medicine) files, emphasizing the importance of unique identifiers.
We discuss the processing and transmission of DICOM files using various protocols and uncover significant privacy and security risks associated with exposed PACS servers and DICOM files on the internet.
Our research has identified multiple vulnerabilities in PACS servers, including use-after-free, stack-based buffer overflow, and path traversal, which could disrupt medical operations or result in the deletion of patient data.
The goal of this presentation is to raise security awareness and provide practical mitigation strategies for medical staff and server developers to protect sensitive medical data.
TOPIC / TRACK
Cyber-Physical System Security Forum
LOCATION
Taipei Nangang Exhibition Center, Hall 2
7F 701H
LEVEL
Intermediate
Intermediate sessions focus on cybersecurity architecture, tools, and practical applications, ideal for professionals with a basic understanding of cybersecurity.
SESSION TYPE
Breakout Session
LANGUAGE
Chinese
SUBTOPIC
Healthcare Security
Cyber-Physical System Security
Vulnerability Research