CVE-2026-32711 in pydicom

Summary

by MITRE • 03/20/2026

pydicom is a pure Python package for working with DICOM files. Versions 2.0.0-rc.1 through 3.0.1 are vulnerable to Path Traversal through a maliciously crafted DICOMDIR ReferencedFileID when it is set to a path outside the File-set root. pydicom resolves the path only to confirm that it exists, but does not verify that the resolved path remains under the File-set root. Subsequent public FileSet operations such as copy(), write(), and remove()+write(use_existing=True) use that unchecked path in file I/O operations. This allows arbitrary file read/copy and, in some flows, move/delete outside the File-set root. This issue has been fixed in version 3.0.2.


Analysis

by VulDB Data Team • 03/25/2026

CVE-2026-32711 affects pydicom, a widely used Python library for reading and writing DICOM (Digital Imaging and Communications in Medicine) files in medical imaging environments. It is a path traversal flaw in pydicom's File-set handling: when the library processes a DICOMDIR, it does not confine the files referenced by the directory records to the File-set root directory. Versions 2.0.0-rc.1 through 3.0.1 are affected, which is a concern for any medical imaging system that relies on the library to manage DICOM File-sets.

The technical flaw stems from insufficient path validation during the processing of a maliciously crafted DICOMDIR. Each directory record carries a ReferencedFileID, which DICOM defines as path components relative to the File-set root. When that value points outside the root (for example via ".." components), pydicom resolves the path only to verify that the file exists; it does not check that the resolved path still lies under the File-set root. The unchecked path is then used by subsequent public FileSet operations, namely copy(), write(), and remove() followed by write(use_existing=True), which perform file I/O on it. The issue is classified as CWE-22 Path Traversal. VulDB maps it to the ATT&CK sub-technique for Python, T1059.006 Command and Scripting Interpreter: Python (T1059.007 is JavaScript); note that this mapping reflects the fact that the malicious input is consumed by Python-based DICOM processing, not that attacker-supplied Python code is executed.

The operational impact goes beyond reading a single file: the affected operations let an attacker cause arbitrary file read and copy, and in some flows move and delete, outside the File-set root, with the privileges of the process that loaded the DICOMDIR. The precondition is that the victim application opens an attacker-supplied DICOMDIR as a FileSet and then invokes one of the affected operations. In a medical environment that can mean exposure of patient data, tampering with files the process can write, or disruption of imaging workflows. The systems most at risk are those that ingest DICOM File-sets from untrusted sources, such as imaging networks, PACS (Picture Archiving and Communication Systems) or media import tools. Because the malicious path is exercised through ordinary DICOM processing rather than through an obviously anomalous request, the file access can be hard to distinguish from legitimate activity in logs.

Organizations using affected versions of pydicom should upgrade to version 3.0.2 or later, which checks that every resolved ReferencedFileID path remains under the resolved File-set root before any file I/O is performed. Where an immediate upgrade is not possible, callers can apply the same containment check themselves: resolve the File-set root and each referenced path (so that ".." components and symlinks are collapsed) and reject any directory record whose target does not land strictly under the root before calling copy(), write() or remove(). Further mitigations are to run DICOM ingestion with least privilege and a restricted view of the filesystem, to monitor the ingestion process for file access outside its expected directories, and to limit network access to systems that process DICOM files. Security teams should also consider network segmentation for imaging systems and periodic assessment of medical imaging environments for similar path traversal issues.
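The resolution flaw described in the analysis above, and the containment check that the upgrade or a caller-side pre-validation needs, as an added example. This is not pydicom's code and not the 3.0.2 patch: resolve_vulnerable and resolve_hardened are hypothetical stand-ins for the step the advisory describes, and the File-set, the "outside" secret file and the ReferencedFileID values are constructed in a temporary directory so the script runs offline.

```python
import os
import tempfile
from pathlib import Path

# Added example, not pydicom's code. A DICOMDIR directory record stores
# ReferencedFileID as path components relative to the File-set root
# (e.g. ["IMAGES", "IM000001"]). The functions below are hypothetical
# stand-ins for the resolution step the advisory describes.


def referenced_path(root: Path, components) -> Path:
    """Join the ReferencedFileID components onto the File-set root.

    Footgun: if any component is absolute, Path.joinpath discards
    everything before it, so an absolute component ignores the root.
    """
    return root.joinpath(*components)


def resolve_vulnerable(root: Path, components):
    """Pre-3.0.2 pattern from the analysis: resolve the path (following
    symlinks) only to confirm it exists, with no containment check, then
    hand it to file I/O such as copy() or write()."""
    path = referenced_path(root, components).resolve()
    return path if path.exists() else None


def is_inside(root: Path, path: Path) -> bool:
    """True when `path` (already resolved) lies strictly under `root`
    (already resolved). os.path.commonpath also works on Python < 3.9,
    where Path.is_relative_to does not exist; it raises ValueError for
    paths on different drives, which also means 'not inside'."""
    try:
        return os.path.commonpath([root, path]) == str(root) and path != root
    except ValueError:
        return False


def resolve_hardened(root: Path, components) -> Path:
    """Containment check a fix or a caller-side pre-validation needs:
    resolve BOTH the root and the referenced path so that '..' and
    symlinks are collapsed before comparing, and refuse anything that
    does not land strictly under the root. Existence is checked after."""
    root_resolved = root.resolve()
    path = referenced_path(root, components).resolve()
    if not is_inside(root_resolved, path):
        raise ValueError(f"ReferencedFileID escapes File-set root: {list(components)!r}")
    if not path.exists():
        raise FileNotFoundError(path)
    return path


def demo():
    """Build a constructed File-set in a temp directory and run both
    resolvers on four ReferencedFileID values: a legitimate one, a '..'
    traversal, an absolute component, and a symlink inside the root that
    points outside it. Returns {case: (vulnerable, hardened)} with each
    value 'allowed' or 'rejected'."""
    with tempfile.TemporaryDirectory() as tmp:
        tmp = Path(tmp)
        root = tmp / "FILESET"
        (root / "IMAGES").mkdir(parents=True)
        # Constructed stand-in for a Part 10 file: 128-byte preamble + "DICM".
        (root / "IMAGES" / "IM000001").write_bytes(b"\x00" * 128 + b"DICM")
        secret = tmp / "outside" / "secret.txt"
        secret.parent.mkdir()
        secret.write_text("not part of the File-set")

        cases = {
            "legitimate": ["IMAGES", "IM000001"],
            "dotdot": ["..", "outside", "secret.txt"],
            "absolute": [str(secret)],
        }
        try:
            os.symlink(secret, root / "LINK")
            cases["symlink"] = ["LINK"]
        except OSError:
            pass  # platform without symlink support: skip that case

        results = {}
        for name, components in cases.items():
            vulnerable = "allowed" if resolve_vulnerable(root, components) else "rejected"
            try:
                resolve_hardened(root, components)
                hardened = "allowed"
            except ValueError:
                hardened = "rejected"
            results[name] = (vulnerable, hardened)
        return results


if __name__ == "__main__":
    for case, (vuln, hard) in demo().items():
        print(f"{case:>10}: vulnerable={vuln:<8} hardened={hard}")
```

The legitimate record passes both resolvers; the "..", absolute and symlink records all pass the existence-only check and are rejected by the containment check. Resolving the root as well as the target matters: on systems where the File-set lives under a symlinked directory (macOS's /var is one), comparing an unresolved root against a resolved target would reject valid records.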

Responsible

GitHub M

Reservation

03/13/2026

Disclosure

03/20/2026

Moderation

accepted

CPE

ready

EPSS

0.00008

KEV

no

Activities

very low
