
Sample Page Title


Oct 26, 2023 | Newsroom | Vulnerability / Network Security


Users of Mirth Connect, an open-source data integration platform from NextGen HealthCare, are being urged to update to the latest version following the discovery of an unauthenticated remote code execution vulnerability.

Tracked as CVE-2023-43208, the vulnerability has been addressed in version 4.4.1 released on October 6, 2023.

“This is an easily exploitable, unauthenticated remote code execution vulnerability,” Horizon3.ai’s Naveen Sunkavally said in a Wednesday report. “Attackers would most likely exploit this vulnerability for initial access or to compromise sensitive healthcare data.”

Called the “Swiss Army knife of healthcare integration,” Mirth Connect is a cross-platform interface engine used in the healthcare industry to communicate and exchange data between disparate systems in a standardized manner.


Additional technical details about the flaw have been withheld in light of the fact that Mirth Connect versions going as far back as 2015/2016 have been found to be vulnerable to the issue.

It's worth noting that CVE-2023-43208 is a patch bypass for CVE-2023-37679 (CVSS score: 9.8), a critical remote command execution (RCE) vulnerability in the software that allows attackers to execute arbitrary commands on the hosting server.


While CVE-2023-37679 was described by its maintainers as only affecting servers running Java 8, Horizon3.ai’s analysis found that all instances of Mirth Connect, regardless of the Java version, were susceptible to the problem.

The criticality of the issue arises from the fact that Mirth Connect appears to be most commonly deployed on Windows endpoints with SYSTEM user privileges, potentially enabling threat actors to completely take over vulnerable installations.

Given the ease with which the vulnerability can be abused, coupled with the fact that the exploitation methods are well-known, it's recommended to update Mirth Connect, particularly instances that are publicly accessible over the internet, to version 4.4.1 as soon as possible to mitigate potential threats.
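The patching guidance above can be turned into a remediation queue. The following is an added example, not code from the article or from Horizon3.ai: it flags every instance below 4.4.1 and ranks internet-facing and SYSTEM-run installs first. The inventory format, host names and priority weights are assumptions made for illustration.

```python
import re

FIXED = (4, 4, 1)  # release the article says addresses CVE-2023-43208

# Constructed sample inventory (hypothetical hosts):
# host, reported version, internet-facing, service account
INVENTORY = """\
mirth-lab-01,4.4.1,no,svc_mirth
mirth-edge-02,4.3.0,yes,SYSTEM
mirth-int-03,3.12.0.b2650,no,SYSTEM
mirth-dr-04,4.4.0,yes,svc_mirth
mirth-old-05,unknown,no,SYSTEM
"""

def parse_version(text):
    """Return (major, minor, patch), ignoring any build suffix, or None."""
    m = re.match(r"^(\d+)\.(\d+)\.(\d+)", text.strip())
    return tuple(int(p) for p in m.groups()) if m else None

def triage(inventory):
    """Return [(host, status, priority)] sorted most urgent first."""
    rows = []
    for line in inventory.strip().splitlines():
        host, version, exposed, account = [f.strip() for f in line.split(",")]
        parsed = parse_version(version)
        if parsed is not None and parsed >= FIXED:
            rows.append((host, "patched", 0))
            continue
        # An unparseable version is not evidence of a patch: keep it queued.
        status = "unverified" if parsed is None else "vulnerable"
        priority = 1                      # any instance below 4.4.1
        if exposed.lower() == "yes":
            priority += 2                 # reachable from the internet (assumed weight)
        if account.upper() == "SYSTEM":
            priority += 1                 # compromise yields full host control (assumed weight)
        rows.append((host, status, priority))
    return sorted(rows, key=lambda r: -r[2])

if __name__ == "__main__":
    for host, status, priority in triage(INVENTORY):
        print(f"{priority}  {status:<10}  {host}")
```
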
