Jul 6, 2024

Three critical vulnerabilities were identified in an older version of OpenEMR, software widely adopted by over 100,000 medical providers to manage the records of more than 200 million patients. Spotted by Sonar, these vulnerabilities (Unauthenticated File Read, Authenticated Local File Inclusion, and Authenticated Reflected XSS) could enable ransomware and data breach attacks, threatening the integrity and accessibility of patient information. Although patches were released in the updated OpenEMR version 7.0.0, those running outdated versions remain exposed to these weaknesses, which, if leveraged by cybercriminals, could lead to substantial data compromises. An immediate update to the software is urged to safeguard patient data and thwart potential cybersecurity incidents.


"id": "ope452070624",
"linkid": "openemr",
"type": "Vulnerability",
"date": "2/2023",
"severity": "100",
"impact": "4",
"explanation": "Attack with significant impact with customers data leaks"
