Critical vulnerability disclosed in DNA sequencing systems

Target Industry

Healthcare Sector

Overview

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Food and Drug Administration (FDA) have released a disclosure pertaining to two security vulnerabilities that affect Illumina’s Universal Copy Service (UCS), which is used for DNA sequencing in labs and medical facilities.

The first flaw is tracked as CVE-2023-1968 and allows an unauthenticated threat actor to use UCS to listen on all IP addresses, including those capable of accepting remote communications.

The second is tracked as CVE-2023-1966, which relates to a security misconfiguration allowing users of UCS to execute commands with elevated privileges.

Impact

Exploitation of these vulnerabilities could allow a threat actor to upload and execute code remotely at the operating system level, which could lead to the modification of settings, configurations, or software, or to access to sensitive data on the affected product.

Incident Detection

Security updates have been released for the vulnerabilities in the affected product versions. As such, previous versions are vulnerable to potential exploitation.

Affected Products

– iScan Control Software: v4.0.0

– iScan Control Software: v4.0.5

– iSeq 100: All versions

– MiniSeq Control Software: v2.0 and newer

– MiSeq Control Software: v4.0 (RUO Mode)

– MiSeqDx Operating Software: v4.0.1 and newer

– NextSeq 500/550 Control Software: v4.0

– NextSeq 550Dx Control Software: v4.0 (RUO Mode)

– NextSeq 550Dx Operating Software: v1.0.0 to 1.3.1

– NextSeq 550Dx Operating Software: v1.3.3 and newer

– NextSeq 1000/2000 Control Software: v1.7 and prior

– NovaSeq 6000 Control Software: v1.7 and prior

– NovaSeq Control Software: v1.8

Containment, Mitigations & Remediations

The Illumina Advisory contains the relevant remediation instructions for the affected product versions. It is strongly recommended that the associated steps are adhered to as soon as possible.

CISA also recommends that these steps are followed:

– Minimise the exposure of the affected systems to the internet as much as possible

– Utilise firewalls to isolate systems from the wider network

– Utilise VPNs when remote access is required
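To check how far a host's exposure has actually been reduced, the following added example (not code from CISA, Illumina or the original bulletin) classifies TCP listeners as bound to all addresses, to loopback only, or to one specific address, which is the condition CVE-2023-1968 describes. It assumes the Windows `netstat -an` column layout; the sample output, addresses and ports are constructed placeholders.

```python
import ipaddress

# Constructed sample in Windows `netstat -an` layout. Addresses and ports are
# placeholders, not values taken from the Illumina or CISA advisories.
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:8080           0.0.0.0:0              LISTENING
  TCP    127.0.0.1:5000         0.0.0.0:0              LISTENING
  TCP    10.20.30.40:9443       0.0.0.0:0              LISTENING
  TCP    10.20.30.40:49712      10.20.30.1:443         ESTABLISHED
  TCP    [::]:8080              [::]:0                 LISTENING
  TCP    [::1]:5000             [::]:0                 LISTENING
"""


def split_endpoint(endpoint):
    """Split 'addr:port' or '[v6addr]:port' into (addr, port)."""
    host, _, port = endpoint.rpartition(":")
    return host.strip("[]"), int(port)


def classify_bind(host):
    """Return 'wildcard', 'loopback' or 'specific' for a bind address."""
    ip = ipaddress.ip_address(host.split("%")[0])  # drop any IPv6 zone id
    if ip.is_unspecified:      # 0.0.0.0 or :: means every local address
        return "wildcard"
    if ip.is_loopback:         # 127.0.0.0/8 or ::1, not reachable remotely
        return "loopback"
    return "specific"


def audit_listeners(netstat_text):
    """Return sorted (proto, host, port, exposure) tuples for TCP listeners."""
    findings = set()
    for line in netstat_text.splitlines():
        fields = line.split()
        if len(fields) < 4 or fields[0].upper() != "TCP":
            continue           # header, blank line or non-TCP row
        if not fields[-1].upper().startswith("LISTEN"):
            continue           # established or closing connections
        host, port = split_endpoint(fields[1])
        findings.add((fields[0].upper(), host, port, classify_bind(host)))
    return sorted(findings)


def remotely_reachable(findings):
    """Listeners not confined to loopback: the ones a firewall must cover."""
    return [f for f in findings if f[3] != "loopback"]
```

Any listener reported as `wildcard` or `specific` accepts connections from the network unless a firewall rule in front of it says otherwise, so those rows are the ones to reconcile against the isolation steps above.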

Indicators of Compromise

No specific Indicators of Compromise (IoCs) are available currently.

Threat Landscape

Illumina is a medical technology company that develops and manufactures advanced bioanalysis and DNA sequencing machines. Their systems are some of the most widely used for DNA sequencing in the healthcare sector, spanning 140 countries.

Threat Group

No attribution to specific threat actors or groups has been identified at the time of writing.

MITRE Methodologies

Tactic:
TA0002 – Execution

Tactic:
TA0004 – Privilege Escalation

Further Information

CISA Advisory

Illumina Advisory

Intelligence Terminology Yardstick