Tag: Horizon3.ai

Critical Flaw in NextGen’s Mirth Connect Could Expose Healthcare Data
News

Critical Flaw in NextGen’s Mirth Connect Could Expose Healthcare Data

Following the discovery of an unauthenticated remote code execution vulnerability, users of NextGen HealthCare's open-source data integration platform, Mirth Connect, are being advised to update to the most recent version. The vulnerability, identified as CVE-2023-43208, has been fixed in version 4.4.1, which was made available on October 6, 2023. According to Naveen Sunkavally of Horizon3.ai, "this is an easily exploitable, unauthenticated remote code execution vulnerability," which was reported on Wednesday. "Attackers would most likely exploit this vulnerability for initial access or to compromise sensitive healthcare data." Mirth Connect dubbed the "Swiss Army knife of healthcare integration," is a cross-platform interface engine that enables standardized data exchange and co...