all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

OpenEMR Vulnerabilities Endanger Patient Information

Add to bookmarks
Feb. 15, 2023, 10:11 p.m. |

FortiGuard Labs | FortiGuard Center - Threat Signal Report fortiguard.fortinet.com

FortiGuard Labs is aware of a report that OpenEMR (Electronic Medical Records) released a patch for three vulnerabilities on November 30, 2022, two of which can be chained for remote code execution. Since OpenEMR is used to digitally manage health records of patient and supports electronic billing, successful exploitation can result in a confidential data leak.Why is this Significant?This is significant because approximately 100,000 healthcare institutions reportedly use OpenEMR to manage 200 million patients. Failing to update OpenEMR to the …

aware billing code code execution confidential data data leak exploitation health healthcare information institutions labs leak manage medical november openemr patch patients remote code remote code execution report result vulnerabilities

Visit resource

More from fortiguard.fortinet.com / FortiGuard Labs | FortiGuard Center - Threat Signal Report

Ignite Realtime Openfire Path Traversal Vulnerability (CVE-2023-32315) 9 hours ago | fortiguard.fortinet.com
CrushFTP VFS Sandbox Escape Vulnerability (CVE-2024-4040) 1 day, 13 hours ago | fortiguard.fortinet.com
attackers attacks cisa cisa known exploited vulnerabilities +27
ArcaneDoor Attack (CVE-2024-20353 and CVE-2024-20359) 1 week ago | fortiguard.fortinet.com
adaptive security advisory april arcanedoor +22
Akira Ransomware Attack (CVE-2023-20269 and CVE-2020-3259) 1 week ago | fortiguard.fortinet.com
access advisory akira akira ransomware +17
PAN-OS Critical Flaw in GlobalProtect Gateway (CVE-2024-3400) 2 weeks, 2 days ago | fortiguard.fortinet.com
advisory attack code code injection +27
XZ Utils Supply Chain Attack (CVE-2024-3094) 4 weeks ago | fortiguard.fortinet.com
attack code compression cve +25
Nice Linear eMerge Command Injection Vulnerability (CVE-2019–7256) 1 month ago | fortiguard.fortinet.com
access attacker code code execution +25
Jenkins Arbitrary File Read Vulnerability (CVE-2024-23897) 1 month ago | fortiguard.fortinet.com
access application application developers attackers +31
Kimsuky Malware Attack 1 month ago | fortiguard.fortinet.com
attack cyber entities espionage +15

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Senior Software Engineer, Security

@ Niantic | Zürich, Switzerland
View on infosec-jobs.com

Consultant expert en sécurité des systèmes industriels (H/F)

@ Devoteam | Levallois-Perret, France
View on infosec-jobs.com

Cybersecurity Analyst

@ Bally's | Providence, Rhode Island, United States
View on infosec-jobs.com

Digital Trust Cyber Defense Executive

@ KPMG India | Gurgaon, Haryana, India
View on infosec-jobs.com

Program Manager - Cybersecurity Assessment Services

@ TestPros | Remote (and DMV), DC
View on infosec-jobs.com
View more jobs