Even DNA Sequencing machines aren’t spared today – Warning from CISA ignored

DNA, or deoxyribonucleic acid, underlies the structural and functional characteristics of every human being; it is the hereditary material in humans and almost all other organisms. Nearly every cell in a person’s body has the same DNA. With technological advancements, DNA can now be sequenced with ease and in shorter time frames. DNA sequencing is undoubtedly a milestone in the fields of biomedical engineering and bioinformatics. It refers to the general laboratory technique for determining the exact sequence of nucleotides, or bases, in a DNA molecule. The sequence of the bases (often referred to by the first letters of their chemical names: A, T, C, and G) encodes the biological information that cells use to develop and operate. The Cybersecurity and Infrastructure Security Agency (CISA) has warned of critical vulnerabilities in Illumina’s DNA sequencing machine software.


The software that supports the machine has been reported to contain critical vulnerabilities; 3 out of the 10 vulnerabilities are reported to have a severity score of 10.0. These vulnerabilities have been deemed to impact the “clinical diagnostic use in sequencing a person’s DNA or testing for various genetic conditions, or for research use only”, according to The Hacker News. CISA has released an Industrial Control Systems Advisory (ICSA) detailing multiple vulnerabilities in Illumina Local Run Manager (LRM). Successful exploitation of these vulnerabilities may allow an unauthenticated malicious actor to take control of the affected product remotely and take any action at the operating system level. These vulnerabilities could impact settings, configurations, software, or data on the affected product, and could allow interaction through the affected product with the connected network.

The CVEs are listed below:

  • CVE-2022-1517 (CVSS score: 10.0) – A remote code execution vulnerability at the operating system level that could allow an attacker to tamper with settings and access sensitive data or APIs.
  • CVE-2022-1518 (CVSS score: 10.0) – A directory traversal vulnerability that could allow an attacker to upload malicious files to arbitrary locations.
  • CVE-2022-1519 (CVSS score: 10.0) – An issue with the unrestricted upload of any file type, allowing an attacker to achieve arbitrary code execution.
  • CVE-2022-1521 (CVSS score: 9.1) – A lack of authentication in LRM by default, enabling an attacker to inject, modify, or access sensitive data.
  • CVE-2022-1524 (CVSS score: 7.4) – A lack of TLS encryption for LRM versions 2.4 and lower that could be abused by an attacker to stage a man-in-the-middle (MitM) attack and access credentials.

We can see that CVE-2022-1517, CVE-2022-1518 and CVE-2022-1519 would have detrimental effects if exploited. The impacts include access to sensitive data through APIs, upload of malicious files and, worst of all, execution of arbitrary code by threat actors. Furthermore, some of the vulnerabilities could let attackers perform injection attacks and MitM attacks as well. While there is currently no evidence that the flaws have been exploited, there is definitely a need to keep the systems and software running the latest patches. If tools and technologies meant for research purposes can be exploited and manhandled, how far are we from ensuring that personal medical history is not at stake and at risk of being exploited!

Published by The Art of Cyber-Space

I am a security professional specializing in network security. With vivid experience in different industries, I am looking to explore the current cyberspace and discuss the ideology of neuroscience and neurotechnology research from a security perspective. I love exploring various blog posts and sharing knowledge about the current threat landscape to instill more cybersecurity awareness.
