Apr 28, 2023

ICSMA-23-117-01, CVE-2023-1968: Critical Vulnerabilities in Illumina Universal Copy Service Could Allow Remote Code Execution

EMA Recognizes Armis

On April 27th the FDA and the U.S. Cybersecurity Infrastructure Security Agency (CISA) identified two critical vulnerabilities in the Illumina Universal Copy Service (UCS) software that could allow an attacker to take OS level actions on the following Ilumina devices MiSeqDx, NextSeq 550Dx, iScan, iSeq 100, MiniSeq, MiSeq, NextSeq 500, NextSeq 550, NextSeq 1000/2000, and NovaSeq 6000. The vulnerabilities are tracked by the CISA alert code ICSMA-23-117-01 and by NIST as CVE-2023-1968 and CVE-2023-1966.

The UCS software is used to manage Illumina sequencing instruments and the vulnerability could allow attackers to take remote control of devices, change settings and impact genomic data results or enable a breach of that data. 

According to a post from Illumina no reports have been received of this vulnerability having been exploited in the wild. Ilumina have also published a detailed advisory for affected customers including a patch to protect against any exploitation.

Armis customers that are concerned about this vulnerability can run the following query in the Armis Asset Intelligence And Security Platform:

in:devices brand:Illumina timeFrame:"7 Days" model:(iScan," iSeq"," MiniSeq"," MiSeq"," MiSeqDx"," NextSeq","NovaSeq")

Medical device vulnerabilities continue to be a critical concern for healthcare providers. Although new laws in the US will establish medical device security standards for manufacturers, this will not affect the millions of devices that are already in use. Recent research from Armis identified the medical and IoT devices having the highest risk in clinical environments with the following having critical severity unpatched Common Vulnerabilities and Exposures (CVEs).

  • 39% of nurse call systems
  • 27% of infusion pumps 
  • 56% of IP cameras 
  • 30% of printers 
  • Almost 1 in 5 (19%) connected medical devices are running unsupported OS versions.

More information on the threats and mitigations for medical devices can be found in the comprehensive Internet of Medical Things Security Playbook and in the recent panel discussion from ViVE: From Hacked to Hero: Cyber State of the Union. You can also register for our Healthcare Catch a Hacker virtual event to see how Armis can help you secure your care delivery organization.

Get Updates!

Sign up to receive the latest news