Open supply information integration platform Mirth Join is affected by a distant code execution vulnerability that may be exploited with out authentication, cybersecurity agency Horizon3.ai warns.
Developed by NextGen HealthCare, Mirth Join is a cross-platform interface engine that healthcare organizations depend on for data administration.
Tracked as CVE-2023-43208, the newly disclosed situation is a bypass for a critical-severity RCE flaw (CVE-2023-37679, CVSS rating of 9.8) that was disclosed in August 2023 and which was addressed with the discharge of Mirth Join model 4.4.0.
In accordance with Horizon3.ai, CVE-2023-37679 was stated to solely impression Mirth Join situations utilizing Java 8 or under, however additional evaluation of the vulnerability has revealed that, in actual fact, all Mirth Join installs are impacted, whatever the Java model they use.
Moreover, the cybersecurity agency’s investigation has revealed that the patch for CVE-2023-37679 will be bypassed, and reported the findings to NextGen HealthCare, which launched Mirth Join model 4.4.1 to deal with the brand new situation.
“That is an simply exploitable, unauthenticated distant code execution vulnerability. Attackers would most definitely exploit this vulnerability for preliminary entry or to compromise delicate healthcare information,” Horizon3.ai says.
In the intervening time, Horizon3.ai refrains from releasing technical particulars or an exploit for CVE-2023-43208, however warns that the strategies for exploitation are well-known.
“We’ve verified that Mirth Join variations going way back to 2015/2016 are susceptible,” the cybersecurity agency notes.
Horizon3.ai additionally factors out that Mirth Join seems to be deployed totally on Home windows machines, the place it sometimes runs with System privileges, suggesting that the impression of a profitable assault could be vital.
Moreover, the cybersecurity agency notes that it has recognized greater than 1,200 distinctive Mirth Join situations which are instantly accessible from the web.
Mirth Join customers are suggested to replace to model 4.4.1 of the platform as quickly as potential.
