The U.S. Cybersecurity and Infrastructure Safety Company (CISA) on Monday added a security flaw impacting NextGen Healthcare Mirth Connect with its Recognized Exploited Vulnerabilities (KEV) catalog, citing proof of energetic exploitation.
The flaw, tracked as CVE-2023-43208 (CVSS rating: N/A), issues a case of unauthenticated distant code execution arising from an incomplete patch for an additional crucial flaw CVE-2023-37679 (CVSS rating: 9.8).
Particulars of the vulnerability had been first revealed by Horizon3.ai in late October 2023, with further technical specifics and a proof-of-concept (PoC) exploit launched earlier this January.
Mirth Join is an open-source information integration platform extensively utilized by healthcare corporations, permitting for information trade between completely different methods in a standardized method.
CVE-2023-43208 is “finally associated to insecure utilization of the Java XStream library for unmarshalling XML payloads,” security researcher Naveen Sunkavally stated, describing the flaw as simply exploitable.
CISA has not offered any details about the character of assaults exploiting the flaw, and it’s unclear who weaponized them or when the in-the-wild exploitation was recorded.
Additionally added to the KEV catalog is a newly disclosed sort of confusion bug impacting the Google Chrome browser (CVE-2024-4947) that the tech large has acknowledged as exploited in real-world assaults.
Federal companies are required to replace to a patched model of the software program – Mirth Join model 4.4.1 or later and Chrome model 125.0.6422.60/.61 for Home windows, macOS, and Linux – by June 10, 2024, to safe their networks towards energetic threats.
