CVE-2023-43208

CVE-2023-43208 is a critical vulnerability in NextGen Healthcare Mirth Connect prior to version 4.4.1, allowing unauthenticated remote code execution due to an incomplete patch of CVE-2023-37679.

Description Preview

NextGen Healthcare Mirth Connect versions before 4.4.1 are affected by a critical vulnerability that enables unauthenticated remote code execution. The flaw stems from an incomplete patch for a previously identified issue (CVE-2023-37679): the original fix did not fully close the deserialization weakness, so an attacker can still reach it and execute arbitrary commands on the server without any authentication. The vulnerability has a CVSS v3.1 score of 9.8 (Critical), reflecting high impact on confidentiality, integrity, and availability.

Overview

  • Vulnerability Type: Remote Code Execution (RCE)
  • Affected Product: NextGen Healthcare Mirth Connect
  • Affected Versions: All versions prior to 4.4.1
  • CWE Identifiers:
    • CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
    • CWE-502: Deserialization of Untrusted Data
  • CVSS v3.1 Score: 9.8 (Critical)
    • Attack Vector: Network
    • Attack Complexity: Low
    • Privileges Required: None
    • User Interaction: None
    • Confidentiality Impact: High
    • Integrity Impact: High
    • Availability Impact: High

Remediation

To mitigate the risk associated with CVE-2023-43208, users of NextGen Healthcare Mirth Connect should upgrade to version 4.4.1 or later. Because this issue is an incomplete fix for CVE-2023-37679, installations that were patched for the earlier CVE (including version 4.4.0) remain vulnerable until they move to 4.4.1. Apply the update as soon as possible; until it is applied, limit network access to Mirth Connect servers to the hosts that need it, since exploitation requires no privileges or user interaction. Organizations should also confirm that patch verification procedures check the actual installed version rather than relying on an earlier advisory being "fixed".

References

  1. Horizon3.ai - NextGen Mirth Connect Remote Code Execution Vulnerability CVE-2023-43208
  2. Packet Storm Security - Mirth Connect 4.4.0 Remote Command Execution
  3. CISA Known Exploited Vulnerabilities Catalog (Reference date: 2024-05-20)

Early Warning

Customers using Armis Early Warning were notified about this vulnerability before it appeared in CISA's Known Exploited Vulnerabilities Catalog, enabling them to assess their exposure and act proactively. Armis offers these examples of CVEs already included in CISA KEV for potential customers.

Armis Alert Date: Oct 26, 2023
CISA KEV Date: May 20, 2024
207 days early

Industry Exposure (most to least)
This section illustrates the prevalence of a specific Common Vulnerabilities and Exposures (CVE) across various industries based on customer reports. The ranking displays industries from the most to least affected by this particular vulnerability, offering valuable insight into where this CVE has been most frequently observed. This information can help organizations within these sectors prioritize their security efforts, understand their relative risk exposure compared to their peers, and focus remediation strategies where they are most needed. By understanding the industry-specific impact, organizations can make more informed decisions regarding patching, resource allocation, and overall risk management related to this CVE.

  1. Health Care & Social Assistance: Medium
  2. Manufacturing: Low
  3. Public Administration: Low
  4. Educational Services: Low
  5. Management of Companies & Enterprises: Low
  6. Finance and Insurance: Low
  7. Information: Low
  8. Professional, Scientific, & Technical Services: Low
  9. Accommodation & Food Services: Low
  10. Administrative, Support, Waste Management & Remediation Services: Low
  11. Agriculture, Forestry, Fishing & Hunting: Low
  12. Arts, Entertainment & Recreation: Low
  13. Construction: Low
  14. Mining: Low
  15. Other Services (except Public Administration): Low
  16. Real Estate Rental & Leasing: Low
  17. Retail Trade: Low
  18. Transportation & Warehousing: Low
  19. Utilities: Low
  20. Wholesale Trade: Low
