• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
cisa warns of critical flaws in illumina's dna sequencing instruments

CISA Warns of Critical Flaws in Illumina’s DNA Sequencing Instruments

You are here: Home / General Cyber Security News / CISA Warns of Critical Flaws in Illumina’s DNA Sequencing Instruments
April 29, 2023

The U.S. Cybersecurity and Infrastructure Security Company (CISA) has unveiled an Industrial Regulate Systems (ICS) clinical advisory warning of a critical flaw impacting Illumina medical gadgets.

The issues effect the Common Duplicate Provider (UCS) software in the Illumina MiSeqDx, NextSeq 550Dx, iScan, iSeq 100, MiniSeq, MiSeq, NextSeq 500, NextSeq 550, NextSeq 1000/2000, and NovaSeq 6000 DNA sequencing devices.

The most significant of the flaws, CVE-2023-1968 (CVSS score: 10.), permits distant attackers to bind to uncovered IP addresses, thus creating it feasible to eavesdrop on network targeted traffic and remotely transmit arbitrary commands.

✔ Approved Seller From Our Partners
Mullvad VPN Discount

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).

➤ Get Mullvad VPN with 12% Discount


The 2nd issue relates to a case of privilege misconfiguration (CVE-2023-1966, CVSS score: 7.4) that could permit a distant unauthenticated malicious actor to upload and execute code with elevated permissions.

“Productive exploitation of these vulnerabilities could permit an attacker to acquire any action at the operating procedure degree,” CISA said. “A danger actor could impact options, configurations, software program, or data on the impacted item a threat actor could interact through the afflicted item through a linked network.”

The Food and Drug Administration (Fda) said an unauthorized person could weaponize the shortcoming to effects “genomic data effects in the devices supposed for scientific analysis, which include creating the devices to deliver no results, incorrect outcomes, altered results, or a probable facts breach.”

There is no evidence that the two vulnerabilities have been exploited in the wild. Users are proposed to use the fixes launched on April 5, 2023, to mitigate opportunity threats.

Forthcoming WEBINARLearn to Cease Ransomware with Actual-Time Defense

Be part of our webinar and learn how to stop ransomware attacks in their tracks with authentic-time MFA and assistance account security.

Help you save My Seat!

This is not the very first time extreme flaws have appear to gentle in Illumina’s DNA Sequencing Products. In June 2022, the enterprise disclosed numerous related vulnerabilities that could have been abused to seize regulate of influenced techniques.

The disclosure comes practically a month after the Fda issued new steering that will call for medical system makers to adhere to a set of cybersecurity prerequisites when submitting an application for a new merchandise.

This features a plan to check, discover, and handle “postmarket” cybersecurity vulnerabilities and exploits within just a reasonable time period of time, and style and sustain procedures to make sure the security of this sort of equipment by means of typical and out-of-band patches.

Found this write-up fascinating? Observe us on Twitter  and LinkedIn to go through far more unique articles we post.


Some pieces of this short article are sourced from:
thehackernews.com

Previous Post: «chatgpt is back in italy after addressing data privacy concerns ChatGPT is Back in Italy After Addressing Data Privacy Concerns
Next Post: Google Blocks 1.43 Million Malicious Apps, Bans 73,000 Bad Accounts in 2022 google blocks 1.43 million malicious apps, bans 73,000 bad accounts»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • New FjordPhantom Android Malware Targets Banking Apps in Southeast Asia
  • Qakbot Takedown Aftermath: Mitigations and Protecting Against Future Threats
  • Chinese Hackers Using SugarGh0st RAT to Target South Korea and Uzbekistan
  • Discover How Gcore Thwarted Powerful 1.1Tbps and 1.6Tbps DDoS Attacks
  • WhatsApp’s New Secret Code Feature Lets Users Protect Private Chats with Password
  • U.S. Treasury Sanctions North Korean Kimsuky Hackers and 8 Foreign Agents
  • Zyxel Releases Patches to Fix 15 Flaws in NAS, Firewall, and AP Devices
  • Zero-Day Alert: Apple Rolls Out iOS, macOS, and Safari Patches for 2 Actively Exploited Flaws
  • Google Unveils RETVec – Gmail’s New Defense Against Spam and Malicious Emails
  • North Korea’s Lazarus Group Rakes in $3 Billion from Cryptocurrency Hacks

Copyright © TheCyberSecurity.News, All Rights Reserved.