1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • CISA issues warning for new actively exploited NextGen Healthcare

    From TechnologyDaily@1337:1/100 to All on Tue May 21 17:00:06 2024
    CISA issues warning for new actively exploited NextGen Healthcare Mirth Connect vulnerability

    Date:
    Tue, 21 May 2024 16:45:19 +0000

    Description:
    A bug allows pre-auth remote code execution against vulnerable endpoints.

    FULL STORY ======================================================================

    The US Cybersecurity and Infrastructure Security Agency (CISA) has added a
    new vulnerability to its Known Exploited Vulnerabilities (KEV) list, thus alerting government agencies and other firms of active exploitation in the wild.

    The new addition is an authenticated code execution vulnerability found in NextGen Healthcare Mirth Connect. It is tracked as CVE-2023-43208, and has
    not yet been given a severity score.

    NextGen Healthcare Mirth Connect is an open-source integration engine used primarily in healthcare IT for exchanging healthcare data between various systems. It enables interoperability between different healthcare applications, and allows secure and efficient transfer of data through standardized protocols and formats such as HL7, DICOM, and FHIR. No details about the flaw

    This vulnerability reportedly came as a side-effect of the company trying to fix a previous critical-severity flaw, tracked as CVE-2023-37679. This vulnerability, carrying a severity score of 9.8, was also described as a pre-auth remote code execution, and received a fix in August last year.

    Besides adding the vulnerability to the KEV list, CISA said very little about the flaw. Thus, we dont know who the threat actors are, how they are exploiting it, who the victims are, or how many of them there are.

    CISA gave federal agencies a deadline of June 10 to update their endpoints
    and bring Mirth Connect to version 4.1.1.

    Given the sensitivity of the information they operate, organizations in the healthcare industry are one of the most targeted ones out there. There are multiple ways cybercriminals can weaponize sensitive data , from selling it
    on the black market for a profit, to extorting money from victim companies.

    When healthcare organizations lose data in a cyberattack, they lose trust
    from their patients, which ultimately translates to loss of business. From
    the other end, legislators and data watchdogs can demand significant investments in cybersecurity measures, as well as fines for losing patient data, which also translates to less earnings.

    Via The Hacker News More from TechRadar Pro CISA warns on JetBrains TeamCity flaw that could allow hackers to generate admin accounts Here's a list of the best firewalls today These are the best endpoint protection tools right now



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/cisa-issues-warning-for-new-actively-ex ploited-nextgen-healthcare-mirth-connect-vulnerability


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)