Threat Intelligence Report

Fusion Center Report: OpenEMR - Multiple Security Flaws Could Put Medical Records at Risk (English)

Researchers at Project Insecurity identified more than 30 bugs in OpenEMR, the world’s most popular open source software for managing medical records.

Report from EclecticIQ Fusion Center from Thursday 08 August 2018.

Key Findings:

  • Many of the vulnerabilities were classified as severe, leaving the personal information of almost 100 million patients potentially exposed to adversaries.
  • A majority of the vulnerabilities are related to the following: Cross Site Scripting (XSS) vulnerabilities, SQL injection, and remote code execution.
  • EclecticIQ analysts identified a small public listing, by country, of known current deployments of OpenEMR solutions in production and research environments.
  • Shodan results identified approximately 300 OpenEMR results, a large number in the U.S., with Germany and Singapore following.

Download Report

About EclecticIQ

EclecticIQ develops analyst-centric products that align our clients’ cybersecurity focus with their threat reality. The result is intelligence-led security, improved detection, prevention, and response.

EclecticIQ Fusion Center

EclecticIQ Fusion Center delivers thematic intelligence bundles providing a single curated source of relevant CTI from leading suppliers all in a single contract.