Researchers from Sonar have detailed three vulnerabilities in the open-source health record and medical practice management software OpenEMR. The flaws – an unauthenticated file read, authenticated local file inclusion, and authenticated reflected XSS – could be exploited to execute arbitrary system commands and steal patient data. All three flaws are fixed in OpenEMR version 7.0.0.
- Chris Patterson, one of our SANS.edu students, did a systematic code review of OpenEMR last year, also finding a few vulnerabilities. His research paper can be found here: How Secure Is Your Health Information? Electronic Medical Record Vulnerability Discovery
- The flaws are fixed in OpenEMR 7-0-0-Patch-2. Be sure to cross check the files in the patch as it will overwrite these if you’ve customized them.