From what I understand these DICOM-devices are insecure by default, you can just connect to them and download data, and they expect their users to make them secure with network separation etc. That's not a realistic expectation if your customers aren't IT security professionals. And there's no reason to create such a flawed design, a simple password would be a huge improvement.
In such a case the blame should fully go to the vendor.
From what I understand these DICOM-devices are insecure by default, you can just connect to them and download data, and they expect their users to make them secure with network separation etc. That's not a realistic expectation if your customers aren't IT security professionals. And there's no reason to create such a flawed design, a simple password would be a huge improvement.
In such a case the blame should fully go to the vendor.