Get in Touch
Please get in touch using the form below.
Critical vulnerability disclosed in DNA sequencing systems
Target Industry
Healthcare Sector
Overview
The U.S. Cybersecurity Infrastructure Security Agency (CISA) and the Food and Drug Administration (FDA) have released a disclosure pertaining to two security vulnerabilities that affect Illumina’s Universal Copy Service (UCS), which is used for DNA sequencing in labs and medical facilities.
The first flaw is tracked as CVE-2023-1968 and allows an unauthenticated threat actor to use UCS to listen on all IP addresses, including those capable of accepting remote communications.
The second is tracked as CVE-2023-1966, which relates to a security misconfiguration allowing users of UCS to execute commands with elevated privileges.
Impact
Exploitation of these vulnerabilities could allow a threat actor to upload and execute code remotely at the operating system level, which could lead to the modification of settings, configurations, software, or the access of sensitive data on the affected product.
Incident Detection
Security updates have been released for vulnerabilities in the affected product versions. As such, previous versions are vulnerable to potential exploit.
Affected Products
– iScan Control Software: v4.0.0
– iScan Control Software: v4.0.5
– iSeq 100: All versions
– MiniSeq Control Software: v2.0 and newer
– MiSeq Control Software: v4.0 (RUO Mode)
– MiSeqDx Operating Software: v4.0.1 and newer
– NextSeq 500/550 Control Software: v4.0
– NextSeq 550Dx Control Software: v4.0 (RUO Mode)
– NextSeq 550Dx Operating Software: v1.0.0 to 1.3.1
– NextSeq 550Dx Operating Software: v1.3.3 and newer
– NextSeq 1000/2000 Control Software: v1.7 and prior
– NovaSeq 6000 Control Software: v1.7 and prior
– NovaSeq Control Software: v1.8
Containment, Mitigations & Remediations
The Illumina Advisory contains the relevant remediation instructions for the affected product versions. It is strongly recommended that the associated steps are adhered to as soon as possible.
CISA also recommends that these steps are followed:
– Minimise the exposure of the affected systems to the internet as much as possible
– Utilise firewalls to isolate systems from the wider network
– Utilise VPNs when remote access is required
Indicators of Compromise
No specific Indicators of Compromise (IoCs) are available currently.
Threat Landscape
Illumina is a medical technology company that develops and manufactures advanced bioanalysis and DNA sequencing machines. Their systems are some of the most widely used for DNA sequencing in the healthcare sector, spanning 140 countries.
Threat Group
No attribution to specific threat actors or groups has been identified at the time of writing.
Mitre Methodologies
Tactic:
– TA0002 – Execution
Tactic:
– TA0004 – Privilege Escalation