The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding NextGen Healthcare Mirth Connect, identifying an ongoing security flaw that allows unauthenticated remote code execution
The vulnerability, tracked as CVE-2023-43208 and related to insecure Java XStream library usage, was disclosed by Horizon3.ai with a PoC exploit released in January. CISA noted evidence of active exploitation but did not detail the attacks. To mitigate risks, organizations are urged to update to Mirth Connect version 4.4.1 or later by June 10, 2024. Additionally, a confusion bug impacting Google Chrome (CVE-2024-4947) has been added to the Known Exploited Vulnerabilities catalog, with the tech giant confirming real-world exploitation. Federal agencies are advised to update to Chrome version 125.0.6422.60/.61 in order to protect against active threats. https://thehackernews.com/2024/05/nextgen-healthcare-mirth-connect-under.html