Critical NextGen Healthcare Mirth Connect Vulnerability Under Active Exploitation

The Cybersecurity and Infrastructure Security Agency (CISA) listed a severe remote code execution vulnerability in Mirth Connect—an open-source integration engine used in the healthcare industry—on its Known Exploited Vulnerability Catalog. This issue allows remote code execution and permits threat actors to compromise a vulnerable Mirth Connect Server. Patching is necessary to prevent exploitation. Even if Mirth Connect is not exposed to the Internet, patching should still be prioritized because of potential internal exploitation.