CISA warns of actively exploited NextGen Healthcare Mirth Connect flaw, patch now
Take action: If your organization is using Mirth Connect, start patching ASAP. As a temporary workaround, you can try to use it only via trusted, isolated network connections to partners, but that's usually a difficult proposition for a multi-platform integration system. This is no longer a theoretical attack, so start patching.
CISA has issued a warning regarding a flaw in NextGen Healthcare Mirth Connect that is being actively exploited by hackers.
NextGen Healthcare Mirth Connect is an open-source integration engine used extensively in healthcare IT to facilitate the exchange of healthcare data between different systems.
Security researchers at Horizon3.ai highlighted the potential impact of CVE-2023-43208, describing it as easily exploitable and cautioning that it could be used for initial access or to compromise sensitive healthcare data. Horizon3.ai notes over 1,200 internet-exposed instances of Mirth Connect.
Technical details and proof-of-concept (PoC) code were made available in mid-January 2024, with subsequent reports from The Shadowserver Foundation indicating that over 440 instances appeared to be impacted by CVE-2023-43208.
CISA has mandated that federal agencies patch their systems by June 10, 2024, to mitigate this risk.