CVE-2023-43208: NextGen Healthcare Mirth Connect Deserialization of
NextGen Healthcare Mirth Connect Deserialization of Untrusted Data Vulnerability. NextGen Healthcare Mirth Connect contains a deserialization of untrusted data vulnerability that allows for unauthenticated remote code execution via a specially crafted request.
- CISA KEV-listed (remediation due 2024-06-10)
- used in ransomware campaigns
- EPSS 94.4% (100.0% percentile)