DNA sequencing platform hit by serious security flaws

Universal Copy Service, a software suite used by medical laboratories across the world for DNA sequencing, carries two high-severity vulnerabilities that could allow threat actors to fully take over the targeted endpoints and exfiltrate sensitive data.

A joint security advisory from the US Cybersecurity Infrastructure Security Agency (CISA) and the FDA has urged users to patch the software as soon as possible.

“An unauthenticated malicious actor could upload and execute code remotely at the operating system level, which could allow an attacker to change settings, configurations, software, or access sensitive data on the affected product,” CISA’s warning reads.

Sensitive data

Universal Copy Service, developed by a California-based medical technology company called Illumina, is one of the most popular DNA sequencing tools on the planet. Research organizations, academic institutions, biotechnology firms and pharma companies in 140 countries frequently use the program, the publication says.

“On April 5, 2023, Illumina sent notifications to affected customers instructing them to check their instruments and medical devices for signs of potential exploitation of the vulnerability,” the FDA added.

As per the report, the two vulnerabilities are tracked as CVE-2023-1968, and CVE-2023-1966. The former is a 10/10, “critical” vulnerability that allows threat actors to listen in on all network traffic, consequently finding more vulnerable hosts on the network. Hackers could use it to send commands to the software, tweak settings, and even access sensitive data, the researchers said. The latter, on the other hand, is a 7.4/10, “high” severity vulnerability, allowing UCS users to run commands with elevated privileges.

As the vulnerabilities impact multiple Illumina products, there are different sets of mitigation measures, depending on the software in question. Illumina recommends doing different things, from updating system software, to configuring UCS account credentials, to closing specific firewall ports that might be abused.

The full list of vulnerable products can be found on this link.

Via: BleepingComputer

Go to Source