# CVE-2024-42845: Remote Code Execution (RCE) in Invesalius 3.1
## Exploit Details
- **Exploit Title**: Invesalius 3.1 - Remote Code Execution (RCE)
- **Discovered By**: Alessio Romano (sfoffo), Riccardo Degli Esposti (partywave)
- **Exploit Author**: Alessio Romano (sfoffo), Riccardo Degli Esposti (partywave)
- **Date**: 2024-08-23
- **Vendor Homepage**: [Invesalius](https://invesalius.github.io/)
- **Software Link**: [Invesalius GitHub Repository](https://github.com/invesalius/invesalius3/tree/master/invesalius)
- **Version**: 3.1.99991 to 3.1.99998
- **Tested on**: Windows
- **CVE**: CVE-2024-42845
## External References
- [Sfoffo Notes](https://notes.sfoffo.com/contributions/2024-contributions/cve-2024-42845)
- [GitHub - partywavesec](https://github.com/partywavesec/invesalius3_vulnerabilities/tree/main/CVE-2024-42845)
- [Partywave Research](https://www.partywave.site/show/research/Tic%20TAC%20-%20Beware%20of%20your%20scan)
## Description
A Remote Code Execution (RCE) vulnerability has been identified in the DICOM file import procedure of Invesalius3. Affected versions range from 3.1.99991 to 3.1.99998. The vulnerability allows an attacker to execute arbitrary code by tricking the victim into importing a crafted DICOM file into the application.
## Exploit Details
### Vulnerability
The vulnerability is triggered by importing a maliciously crafted DICOM file, allowing the attacker to execute arbitrary code on the victim's machine.
### Impact
- **Remote Code Execution**: Importing the crafted DICOM file causes arbitrary code to execute on the victim's machine.
- **System Compromise**: An attacker can gain control over the victim's machine, potentially leading to data theft or further exploitation.
## Usage
1. **Prepare a DICOM File**: Obtain a valid DICOM file for modification.
2. **Craft Payload**: Use the script to inject the payload into the DICOM file.
3. **Import into Invesalius3**: The victim imports the crafted file, triggering the RCE.
## Mitigation
Users are advised to update to a version of Invesalius3 that is not affected by this vulnerability and to be cautious when importing DICOM files from untrusted sources.
## Credits
- **Alessio Romano (sfoffo)**
- **Riccardo Degli Esposti (partywave)**
---
**Disclaimer**: This document is for educational purposes only. Unauthorized exploitation of vulnerabilities is illegal and unethical.
