Feds warn of cybersecurity risks associated with OpenEMR

The Health Sector Cybersecurity Coordination Center published a brief Jan. 31 warning healthcare organizations about the three vulnerabilities associated with an older version of OpenEMR. 

Five things to know about the older version of OpenEMR and its vulnerabilities, according to the HHS:

  1. OpenEMR is used by approximately 100,000 medical providers serving more than 200 million patients.
  2. An older version of OpenEMR was found to have three vulnerabilities — unauthenticated file read, authenticated local file inclusion and authenticated reflected XSS.

  3. If the EHR system is not updated, these vulnerabilities could lead to hackers gaining access to the system and stealing sensitive information, according to the HHS.

  4. The vulnerabilities were highlighted in software development solution company Sonar's report and was addressed to OpenEMR on Oct. 24.

  5. On Nov. 30, OpenEMR released a patched version of the system.

Copyright © 2024 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.


Featured Whitepapers

Featured Webinars