Critical Vulnerabilities In Illumina Universal Copy Service Devices
Take action: If you are using Illumina's UCS devices, patch immediately. When building systems, take care to limit service credential privileges and to which IP addresses the system should listen on for connections.
Learn More
Critical vulnerabilities that have been discovered in Illumina's Universal Copy Service (UCS) devices, which are used in genomic sequencing. The vulnerabilities could allow an attacker to remotely execute code, access sensitive information, or cause the device to crash. The vulnerabilities were discovered by researchers at cybersecurity firm Armis, who notified Illumina and worked with the company to develop patches.
The first vulnerability is a critical severity (CVSS 10.0) remote code execution flaw (CVE-2023-1968). The second issue (CVE-2023-1966) is a high-severity privilege escalation vulnerability (CVSS 7.4).
