CVE-2025-61940

Mirion Medical EC2 Software NMIS BioDose Use of Client-Side Authentication

CVSS 8.7 HIGH | EPSS 0.3% | CWE-603
In short

The NMIS/BioDose software connects to its database through a single shared account that every user goes through, and user passwords are checked only inside the client application, never by the database itself. Anyone who bypasses the application can therefore reach the database directly with that account's full permissions.

Technical detail

CVE-2025-61940 is a client-side enforcement of server-side security weakness (CWE-603): NMIS/BioDose V22.02 and earlier use a common SQL Server service account for all database connections. Authentication is validated only at the application layer, so an attacker with network access to the database server can bypass the client software's restrictions and query the database directly using the shared credentials, compromising data confidentiality and integrity.

Summary generated and translated by AI from the official description.
NMIS/BioDose V22.02 and previous versions rely on a common SQL Server user account to access data in the database. User access in the client application is restricted by a password authentication check in the client software, but the underlying database connection always has access. The latest version of NMIS/BioDose introduces an option to use Windows user authentication with the database, which would restrict this database connection.
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N
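The mitigation the vendor describes, moving from one shared SQL login to per-user Windows authentication, is the standard fix for this class of weakness. The T-SQL below is an added example written for this page, not vendor code and not the configuration NMIS/BioDose actually ships: it shows the weak pattern beside the hardened one, then two queries a DBA can run to check whether a shared, fully privileged SQL login is still in use. The database name `ClinicDb`, the role `app_user`, the Windows account `CORP\jdoe` and the login `shared_app_login` are placeholders.

```sql
-- Added example (not from the advisory or vendor). Placeholder names throughout.

-- WEAK PATTERN: every client embeds the same SQL login, which typically holds db_owner,
-- and the client application alone decides who may do what. Connection string looks like:
--   Server=dbhost;Database=ClinicDb;User ID=shared_app_login;Password=<shared secret>;
-- Anyone who can reach TCP 1433 with that string has the login's full rights.

-- HARDENED PATTERN: per-user Windows logins mapped to a least-privilege database role.
-- Connection string carries no secret:
--   Server=dbhost;Database=ClinicDb;Integrated Security=SSPI;

USE [ClinicDb];  -- placeholder database name
GO

-- 1. A role holding only what the client application needs (adjust to the real schema).
CREATE ROLE [app_user];
GO
GRANT SELECT, INSERT, UPDATE ON SCHEMA::[dbo] TO [app_user];
GO

-- 2. One Windows-authenticated login per operator; the database, not the client, now
--    knows who is connecting and what that person may do.
CREATE LOGIN [CORP\jdoe] FROM WINDOWS;            -- placeholder domain\user
GO
CREATE USER [CORP\jdoe] FOR LOGIN [CORP\jdoe];
GO
ALTER ROLE [app_user] ADD MEMBER [CORP\jdoe];
GO

-- 3. Once clients are migrated, disable the shared SQL login rather than leaving it
--    enabled with an "application-only" expectation that the database cannot enforce.
ALTER LOGIN [shared_app_login] DISABLE;           -- placeholder login name
GO

-- CHECK A: enabled SQL-authenticated logins (type 'S'). Any of these that a client
-- application shares across all users is a CWE-603 candidate.
SELECT sp.name, sp.type_desc, sp.is_disabled
FROM sys.server_principals AS sp
WHERE sp.type = 'S' AND sp.is_disabled = 0
ORDER BY sp.name;
GO

-- CHECK B: who holds db_owner in this database. An application service account here
-- means a bypassed client gets full read/write on every table.
SELECT r.name AS role_name, m.name AS member_name
FROM sys.database_role_members AS drm
JOIN sys.database_principals AS r ON drm.role_principal_id = r.principal_id
JOIN sys.database_principals AS m ON drm.member_principal_id = m.principal_id
WHERE r.name = 'db_owner';
GO
```

Run the two check queries before and after the migration: the goal state is no enabled shared SQL login and no application account in `db_owner`, with row-level or column-level restrictions added to the role where the application's data model requires them.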
