Unrated severityNVD Advisory· Published Dec 2, 2025· Updated Dec 9, 2025
Mirion Medical EC2 Software NMIS BioDose Incorrect Permission Assignment for Critical Resource
CVE-2025-64298
Description
NMIS/BioDose V22.02 and previous version installations where the embedded Microsoft SQLServer Express is used are exposed in the Windows share accessed by clients in networked installs. By default, this directory has insecure directory paths that allow access to the SQL Server database and configuration files, which can contain sensitive data.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <= V22.02
- Mirion Medical/EC2 Software NMIS BioDosev5Range: 0
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.