DICOM PS3.10 2024e - Media Storage and File Format for Media Interchange

7.5 Security Considerations for DICOM File Format

The DICOM File Format has a potential security vulnerability when the 128-byte File Preamble contains malicious executable content. Such malicious executable content may also refer to other malicious content in the file hidden within Data Elements of the File Meta Information or the Data Set.

Depending upon the use and purpose of a particular application it may be appropriate to:

The proper response to a validation failure depends upon the purpose of the application. Validation might be performed on input, output, or both.

Note

For example, an archive may choose to sanitize SOP Instances upon receipt, sanitize SOP Instances upon retrieval, validate the structure and fail storage requests for SOP Instances that fail validation, or other behavior based on the product purpose and the threat environment. This behavior is not specified by DICOM because the product purpose and the threat environment are highly dependent upon the application.

An implementation shall describe in its Conformance Statement its behavior with respect to sanitization of the preamble and any other validation performed.

DICOM PS3.10 2024e - Media Storage and File Format for Media Interchange