EUVD-2023-24154

Malicious code in bioql PyPI...

CISA Warns of Critical Flaws in Illumina's DNA Sequencing Instruments

The U.S. Cybersecurity and Infrastructure Security Agency CISA has released an Industrial Control Systems ICS medical advisory warning of a critical flaw impacting Illumina medical devices. The issues impact the Universal Copy Service UCS software in the Illumina MiSeqDx, NextSeq 550Dx, iScan, iS...

Illumina Universal Copy Service

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Illumina Equipment: Universal Copy Service UCS Vulnerabilities: Binding to an Unrestricted IP Address, Execution with Unnecessary Privileges 2. RISK EVALUATION Successful exploitation of these...

CVE-2023-1968

Illumina UCS (Universal Copy Service) CVE-2023-1968 affects Illumina instruments using UCS v2.x. Vulnerability arises from binding to an unrestricted IP address, allowing an unauthenticated attacker to listen on all IPs and potentially eavesdrop on network traffic and remotely transmit commands. ...

CVE-2023-1966

Illumina Universal Copy Service (UCS) vulnerability CVE-2023-1966 affects UCS v1.x and v2.x, permitting an unauthenticated attacker to upload and execute code at the operating system level. Affects multiple Illumina instruments/control software (e.g., iScan, iSeq 100, MiSeq/MiSeqDx, NextSeq, Nova...

CVE-2023-1966 CVE-2023-1966

Instruments with Illumina Universal Copy Service v1.x and v2.x contain an unnecessary privileges vulnerability. An unauthenticated malicious actor could upload and execute code remotely at the operating system level, which could allow an attacker to change settings, configurations, software, or...

CISA Warned About Critical Vulnerabilities in Illumina's DNA Sequencing Devices

The U.S. Cybersecurity and Infrastructure Security Agency CISA and Food and Drug Administration FDA have issued an advisory about critical security vulnerabilities in Illumina's next-generation sequencing NGS software. Three of the flaws are rated 10 out of 10 for severity on the Common...

Illumina Local Run Manager Code Injection Vulnerability

Illumina Local Run Manager is an integrated solution from Illumina, Inc. Illumina Local Run Manager is vulnerable to code injection, which could be exploited by attackers to remotely upload and execute code at the operating system level...

Illumina Local Run Manager Access Control Error Vulnerability

Illumina Local Run Manager is an integrated solution from Illumina, Inc. Designed to create sequencing runs, monitor run status, analyze sequencing data, and view results, Illumina Local Run Manager is vulnerable to an access control error that could be exploited by remote attackers to gain...

Illumina Local Run Manager Path Traversal Vulnerability

Illumina Local Run Manager is an integrated solution from Illumina, Inc. Designed to create sequencing runs, monitor run status, analyze sequencing data, and view results, Illumina Local Run Manager is vulnerable to a path traversal vulnerability that stems from an input validation error when...

Illumina Local Run Manager Information Disclosure Vulnerability

Illumina Local Run Manager is an integrated solution from Illumina, Inc. Designed to create sequencing runs, monitor run status, analyze sequencing data, and view results, Illumina Local Run Manager contains an information disclosure vulnerability that could be exploited by remote attackers to...

Illumina Local Run Manager File Upload Vulnerability

Illumina Local Run Manager is an integrated solution from Illumina, Inc. Designed to create sequencing runs, monitor run status, analyze sequencing data, and view results, Illumina Local Run Manager contains a file upload vulnerability that could be exploited by an attacker to upload any file typ...

Illumina Local Run Manager

1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low attack complexity Vendor: Illumina Equipment: Local Run Manager LRM Vulnerabilities: Path Traversal, Unrestricted Upload of File with Dangerous Type, Improper Access Control, Cleartext Transmission of Sensitive Information 2...

CISA Releases Security Advisory on Illumina Local Run Manager

CISA has released an Industrial Controls Systems Advisory ICSA detailing multiple vulnerabilities in Illumina Local Run Manager. Successful exploitation of these vulnerabilities may allow an unauthenticated malicious actor to take control of the affected product remotely and take any action at th...

Bio Basespace SDK 0.1.7 Ruby Gem exposes API Key via command line

Title: Bio Basespace SDK 0.1.7 Ruby Gem exposes API Key via command line Date: 11/15/2013 Author: Larry W. Cashdollar, @larry0 Download: http://rubygems.org/gems/bio-basespace-sdk Description: "BaseSpace Ruby SDK is a Ruby based Software Development Kit to be used in the development of Apps and...