"Critical Flaw in NextGen's Mirth Connect Could Expose Healthcare Data"

Users of NextGen HealthCare's open-source data integration platform Mirth Connect are urged to update to the latest version because of an unauthenticated Remote Code Execution (RCE) flaw. Mirth Connect, also known as the "Swiss Army knife of healthcare integration," is a cross-platform interface engine that the healthcare industry uses to communicate and exchange data between disparate systems in a standardized way. The vulnerability, tracked as CVE-2023-43208, has been fixed in version 4.4.1, released on October 6, 2023. It is an easily exploitable, unauthenticated RCE flaw, according to Naveen Sunkavally of Horizon3.ai, who added that attackers would likely exploit this flaw to gain initial access or compromise sensitive healthcare data. This article continues to discuss the potential exploitation and impact of the vulnerability. 

THN reports "Critical Flaw in NextGen's Mirth Connect Could Expose Healthcare Data"

Submitted by grigby1