Start your day with intelligence. Get The OODA Daily Pulse.

Home > Briefs > Cyber > Critical Mirth Connect Vulnerability Could Expose Sensitive Healthcare Data

Critical Mirth Connect Vulnerability Could Expose Sensitive Healthcare Data

Mirth Connect, an open-source data integration platform used in healthcare organizations, has been found to have a critical remote code execution (RCE) vulnerability, CVE-2023-43208, that can be exploited without authentication. This vulnerability bypasses a previously disclosed RCE flaw (CVE-2023-37679) and affects all Mirth Connect installations, regardless of the Java version. Attackers could exploit this flaw to gain initial access or compromise sensitive healthcare data. A patch has been released in Mirth Connect version 4.4.1. Users are strongly advised to update to this version to mitigate the risk.

Read more: https://www.securityweek.com/critical-mirth-connect-vulnerability-could-expose-sensitive-healthcare-data/