
[CIVN-2026-0207] Multiple Vulnerabilities in C-DAC e-Sushrut Solution
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Multiple Vulnerabilities in C-DAC e-Sushrut Solution
Indian Computer Emergency Response Team (https://www.cert-in.org.in)
Severity Rating: CRITICAL
Systems Affected
e-Sushrut Hospital Management Information System (HMIS)
Overview
Multiple vulnerabilities have been reported in e-Sushrut which could allow an attacker to bypass authentication and gain unauthorized access to user accounts or data on the targeted system.
Target Audience:
End users and administrators of e-Sushrut, healthcare organizations, and patients.
Risk Assessment:
Risk of authentication bypass, unauthorized user account access, exposure of sensitive medical records.
Impact Assessment:
Account takeover, unauthorized access to user account, disclosure of sensitive patient data.
Description
e-Sushrut is a Hospital Management Information System (HMIS) developed and deployed by C-DAC. It is used for managing patient information, hospital workflows, and administrative processes in healthcare organizations.
1. Authentication Bypass Vulnerability (CVE-2026-42513)
This vulnerability exists in e-Sushrut due to improper authentication logic that relies on client-side response parameters to determine authentication status. A remote attacker could exploit this vulnerability by intercepting and modifying the server response.
Successful exploitation of this vulnerability could allow the attacker to bypass authentication and gain unauthorized access to user accounts on the targeted system.
2. Sensitive Data Exposure Vulnerability (CVE-2026-42514)
This vulnerability exists in e-Sushrut due to exposure of OTPs in plaintext within API responses. A remote attacker could exploit this vulnerability by intercepting API responses containing valid OTPs.
Successful exploitation of this vulnerability could allow an attacker to impersonate the target user and gain unauthorized access to user accounts on the targeted system.
3. Insecure Direct Object Reference (IDOR) Vulnerability (CVE-2026-42515)
This vulnerability exists in e-Sushrut due to improper access control in resource access validation. An authenticated attacker could exploit this vulnerability by manipulating a parameter in the API request URL to gain unauthorized access to sensitive information of patients on the targeted system.
4. Broken Access Control Vulnerability (CVE-2026-42516)
This vulnerability exists in e-Sushrut due to improper authorization checks during resource access. An authenticated attacker could exploit this vulnerability by manipulating encoded parameters in the request URL to gain unauthorized access to patient accounts on the targeted system.
5. Cryptographic Failure Vulnerability (CVE-2026-42517)
This vulnerability exists in e-Sushrut due to the use of reversible Base64 encoding for protecting sensitive data. An authenticated attacker could exploit this vulnerability by decoding and manipulating Base64-encoded parameters in the request URL to gain unauthorized access to sensitive information on the targeted system.
6. Information Disclosure Vulnerability (CVE-2026-42518)
This vulnerability exists in e-Sushrut due to disclosure of sensitive information and hardcoded AES encryption keys in client-side JavaScript. An unauthenticated remote attacker could exploit this vulnerability by accessing the client-side JavaScript to extract sensitive information and cryptographic keys.
Successful exploitation of this vulnerability could lead to exposure of sensitive data and compromise of cryptographic protections on the targeted system.
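The following Python is an added illustration, not e-Sushrut or C-DAC code: the patient ids, user names and data are constructed. It contrasts the Base64-only parameter handling described in items 4 and 5 with an HMAC-authenticated reference, and adds the per-request authorization check whose absence is the IDOR pattern in item 3.

```python
import base64
import hashlib
import hmac
import secrets
from typing import Optional

# Constructed sample data standing in for an HMIS back end (not e-Sushrut's real schema).
PATIENTS = {
    "P1001": {"name": "Patient A", "ward": "3B"},
    "P1002": {"name": "Patient B", "ward": "7C"},
}
# Server-side authorization map: a user may read only the patients listed here.
ACCESS = {
    "user_a": {"P1001"},
    "user_b": {"P1002"},
    "dr_x": {"P1001", "P1002"},
}
# Secret held only on the server; contrast with keys shipped in client-side JavaScript (item 6).
SERVER_KEY = secrets.token_bytes(32)


def base64_only_ref(patient_id: str) -> str:
    """The pattern in items 4 and 5: Base64 is encoding, not protection.
    The holder can decode it, change the id and re-encode it unnoticed."""
    return base64.urlsafe_b64encode(patient_id.encode()).decode()


def make_ref(patient_id: str, key: bytes = SERVER_KEY) -> str:
    """Tamper-evident reference: Base64 payload plus an HMAC-SHA256 tag over it."""
    payload = base64_only_ref(patient_id)
    tag = hmac.new(key, payload.encode(), hashlib.sha256).hexdigest()
    return f"{payload}.{tag}"


def parse_ref(ref: str, key: bytes = SERVER_KEY) -> Optional[str]:
    """Return the patient id only if the tag verifies (constant-time compare)."""
    payload, sep, tag = ref.partition(".")
    if not sep:
        return None
    expected = hmac.new(key, payload.encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, tag):
        return None
    return base64.urlsafe_b64decode(payload).decode()


def get_patient_record(session_user: str, ref: str) -> Optional[dict]:
    """Integrity of the reference is necessary but not sufficient: the server still
    checks, per request, that THIS user may read THIS record (the missing check in item 3)."""
    patient_id = parse_ref(ref)
    if patient_id is None or patient_id not in ACCESS.get(session_user, set()):
        return None  # integrity failure and authorization failure get the same opaque answer
    return PATIENTS.get(patient_id)
```

A reference whose Base64 payload has been swapped for another patient's id fails the tag check, and a valid reference presented by a user who is not authorized for that patient is refused by the access map rather than by the encoding.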
Credit
These vulnerabilities were reported by Harsh Verma.
Solution
Contact C-DAC to upgrade e-Sushrut HMIS to the latest version.
Vendor Information
CDAC-Noida
https://www.cdac.in/index.aspx?id=ps_health_info_products
References
CDAC-Noida
https://www.cdac.in/index.aspx?id=ps_health_info_products
CVE Name
CVE-2026-42513
CVE-2026-42514
CVE-2026-42515
CVE-2026-42516
CVE-2026-42517
CVE-2026-42518
Thanks and Regards,
CERT-In
Incident Response Help Desk
e-mail: incident@cert-in.org.in
Phone: +91-11-22902657
Toll Free Number: 1800-11-4949
Toll Free Fax: 1800-11-6969
Web: http://www.cert-in.org.in
PGP Fingerprint: A768 083E 4475 5725 B81A A379 2156 C0C0 B620 D0B4
PGP Key information:
https://www.cert-in.org.in/s2cMainServlet?pageid=CONTACTUS
Postal address:
Indian Computer Emergency Response Team (CERT-In)
Ministry of Electronics and Information Technology
Government of India
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003


