← Back to home
ICSMA-19-241-01  ·  Published 2019-08-29  ·  View on CISA ICS-CERT ↗

Change Healthcare McKesson and Horizon Cardiology

CVSS 7.8 HIGH

Risk Summary

Successful exploitation of this vulnerability could allow a locally authenticated user to insert specially crafted files that could result in arbitrary code execution.

CVEs (1)

Remediations

  • Change Healthcare recommends users of the affected versions contact Change Healthcare Support as soon as possible to arrange installation of the supplied patch; To contact Change Healthcare Support please call:
  • https://www.fda.gov/MedicalDevices/DigitalHealth/ucm373213.htm

Affected Vendors

Change Healthcare

Affected Products (5)

Change Healthcare · Change Healthcare Cardiology 14.1.x
Change Healthcare · Horizon Cardiology 12.x
Change Healthcare · McKesson Cardiology 14.x
Change Healthcare · McKesson Cardiology 13.x
Change Healthcare · Horizon Cardiology <= 11.x

Affected Sectors

Healthcare and Public Health

Get alerted to advisories like this

OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.

Start free trial Learn more