NextGen Healthcare Mirth Connect Under Attack – CISA Issues Urgent Warning

NextGen Healthcare Mirth Connect Under Attack - CISA Issues Urgent Warning

May 21, 2024 at 03:57AM

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a security flaw in NextGen Healthcare Mirth Connect to its Known Exploited Vulnerabilities catalog. The flaw allows for unauthenticated remote code execution due to insecure usage of Java XStream library. Federal agencies are required to update to patched versions by June 10, 2024.

Key takeaways from the meeting notes are:

– The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a security flaw impacting NextGen Healthcare Mirth Connect to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
– The flaw, tracked as CVE-2023-43208, concerns unauthenticated remote code execution arising from an incomplete patch for another critical flaw, CVE-2023-37679.
– Mirth Connect, widely used by healthcare companies for data exchange, is susceptible to the security flaw related to insecure usage of the Java XStream library for unmarshalling XML payloads.
– CISA also added a newly disclosed type of confusion bug impacting the Google Chrome browser (CVE-2024-4947) to the KEV catalog, acknowledged as exploited in real-world attacks.
– Federal agencies are required to update to patched software versions by June 10, 2024, to secure their networks against active threats.

Let me know if there is anything else you need assistance with!

Full Article