CISA warns of a new, actively exploited NextGen Healthcare Mirth Connect vulnerability

The US Cybersecurity and Infrastructure Security Agency (CISA) has added a new vulnerability to its Known Exploited Vulnerabilities (KEV) list, warning government agencies and other companies of active exploitation in the wild.

The new addition is a verified code execution vulnerability found in NextGen Healthcare Mirth Connect. It is being tracked as CVE-2023-43208 and has not yet been assigned a severity rating.