Mirth Connect, an Epic and NextGen tool, is at risk from a remote code execution vulnerability (CVE-2023-43208), affecting pre-4.4.1 versions. This follows another high-level threat earlier this year. Multiple security breaches involving NextGen Healthcare occurred recently. With a significant rise in healthcare IT vulnerabilities, including RCE attacks, heightened cybersecurity awareness is critical. NextGen stresses updating to Mirth Connect’s latest version for security.
Mirth Connect, a key interoperability tool from Epic and NextGen, faces a security threat due to remote code execution (RCE) vulnerability, as identified in the NIST national vulnerability database. The vulnerability, cataloged as CVE-2023-43208 by MITRE, affects certain versions of NextGen software and is pending further analysis. NextGen Healthcare’s Mirth Connect, versions before 4.4.1, are susceptible to unauthenticated RCE attacks. This exposure marks the second critical update for Mirth Connect in recent times.
CVE-2023-37679, another high-risk vulnerability found in June, prompted NextGen to release an update and subsequently Version 4.4.0 in July, aimed at preventing attackers from running arbitrary commands on host servers. The newer CVE-2023-43208 arises from an incomplete resolution of CVE-2023-37679.
Historically, Mirth Connect versions dating back to 2015/2016, especially those connected to the internet, are vulnerable, based on Horizon3.ai’s analysis linked to the National Vulnerability Database.
NextGen has faced multiple cybersecurity incidents this year. It suffered a ransomware attack by the BlackCat group in January, followed by a breach involving stolen credentials in April, affecting patient data and leading to a lawsuit against NextGen.
With healthcare IT vulnerabilities escalating sharply – a 437% increase in RCE vulnerabilities – agencies like the Cybersecurity and Infrastructure Security Agency (CISA) and the FBI have highlighted the heightened risks to healthcare systems and medical devices. Instances like the Medtronic cardiac device security flaw demonstrate the potential for cyber actors to compromise patient health.
NextGen Healthcare emphasizes the importance of security, advising users to upgrade to the latest Mirth Connect version, where this vulnerability is addressed.
