CVE-2023-43208

NextGen Healthcare Mirth Connect Deserialization of Untrusted Data Vulnerability

NextGen Healthcare Mirth Connect contains a deserialization of untrusted data vulnerability that allows for unauthenticated remote code execution via a specially crafted request. Vendor/Product: NextGen Healthcare Mirth Connect. Added to CISA KEV 2024-05-20; required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Category: Vulnerability, Known Exploited

Reference: NVD CVE-2023-43208