CISA Warns of Attacks Exploiting NextGen Healthcare Mirth Connect Flaw

May 21, 2024 at 07:21AM CISA added a flaw in NextGen Healthcare’s Mirth Connect product, a widely used healthcare interface engine, to its KEV catalog. Tracked as CVE-2023-43208, the flaw can lead to unauthenticated remote code execution. A patch was released with Mirth Connect version 4.4.1. Microsoft reported ransomware attacks exploiting this and another flaw. … Read more

NextGen Healthcare Mirth Connect Under Attack – CISA Issues Urgent Warning

May 21, 2024 at 03:57AM The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a security flaw in NextGen Healthcare Mirth Connect to its Known Exploited Vulnerabilities catalog. The flaw allows for unauthenticated remote code execution due to insecure usage of Java XStream library. Federal agencies are required to update to patched versions by June … Read more

Critical Mirth Connect Vulnerability Could Expose Sensitive Healthcare Data

October 26, 2023 at 02:57PM Open source data integration platform Mirth Connect has a remote code execution vulnerability, according to cybersecurity firm Horizon3.ai. The vulnerability, tracked as CVE-2023-43208, bypasses a critical-severity flaw disclosed earlier and affects all Mirth Connect installations. A patch has been released, but the cybersecurity firm warns that the vulnerability is easily … Read more

Critical Flaw in NextGen’s Mirth Connect Could Expose Healthcare Data

October 26, 2023 at 04:48AM Users of Mirth Connect, an open-source data integration platform, are urged to update to version 4.4.1 due to the discovery of an unauthenticated remote code execution vulnerability (CVE-2023-43208). Horizon3.ai warns that attackers may exploit this vulnerability to gain access to sensitive healthcare data. The flaw affects various versions of Mirth … Read more

By proceeding you understand and give your consent that your IP address and browser information might be processed by the security plugins installed on this site.
×