What is the vulnerability?NextGen Healthcare Mirth Connect is vulnerable to unauthenticated remote code execution (CVE-2023-43208) caused due to an incomplete patch of a Command Injection flaw (CVE-2023-37679). Mirth Connect is an open-source data integration platform widely used by healthcare companies. It enables the management of information using bi-directional sending of many types of messages. Attackers could exploit this vulnerability for initial access or to compromise sensitive healthcare data. CISA has recently added CVE-2023-43208 to its Known Exploited Vulnerabilities (KEV) catalog on May 20th, 2024. What is the recommended Mitigation?Users are advised to update to the latest version of NextGen Healthcare Mirth Connect as per the vendor’s instructions. What FortiGuard Coverage is available?FortiGuard Labs released an IPS signature “NextGen.Healthcare.Mirth.Connect.Command.Injection” to detect and block attack attempts targeting the vulnerability (CVE-2023-37679 and CVE-2023-43208). The FortiGuard Incident Response team can be engaged to help with any suspected compromise.
Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux
kernel contained a race condition during device removal, leading to a use-
after-free vulnerability. A physically proximate attacker could possibly
use this to cause a denial of service (system crash). (CVE-2023-47233)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– MAC80211 subsystem;
– Tomoyo security module;
(CVE-2024-26622, CVE-2023-52530)
Zheng Wang discovered that the Broadcom FullMAC WLAN driver in the Linux
kernel contained a race condition during device removal, leading to a use-
after-free vulnerability. A physically proximate attacker could possibly
use this to cause a denial of service (system crash). (CVE-2023-47233)
Several security issues were discovered in the Linux kernel.
An attacker could possibly use these to compromise the system.
This update corrects flaws in the following subsystems:
– Block layer subsystem;
– Userspace I/O drivers;
– Ceph distributed file system;
– Ext4 file system;
– JFS file system;
– NILFS2 file system;
– Bluetooth subsystem;
– Networking core;
– IPv4 networking;
– IPv6 networking;
– Logical Link layer;
– MAC80211 subsystem;
– Netlink;
– NFC subsystem;
– Tomoyo security module;
(CVE-2023-52524, CVE-2023-52530, CVE-2023-52601, CVE-2023-52439,
CVE-2024-26635, CVE-2023-52602, CVE-2024-26614, CVE-2024-26704,
CVE-2023-52604, CVE-2023-52566, CVE-2021-46981, CVE-2024-26622,
CVE-2024-26735, CVE-2024-26805, CVE-2024-26801, CVE-2023-52583)
Guido Vranken discovered that idna did not properly manage certain inputs,
which could lead to significant resource consumption. An attacker could
possibly use this issue to cause a denial of service.
