Instruments with Illumina Universal Copy Service v2.x are vulnerable due to binding to an unrestricted IP address. An unauthenticated malicious actor could use UCS to listen on all IP addresses, including those capable of accepting remote communications.
References
Link | Resource |
---|---|
https://support.illumina.com/downloads/illumina-universal-copy-service-1-0.html | Vendor Advisory |
https://www.cisa.gov/news-events/ics-medical-advisories/icsma-23-117-01 | Third Party Advisory US Government Resource |
Configurations
Configuration 1 (hide)
AND |
|
Configuration 2 (hide)
AND |
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
AND |
|
Configuration 8 (hide)
AND |
|
Configuration 9 (hide)
AND |
|
Configuration 10 (hide)
AND |
|
Configuration 11 (hide)
AND |
|
History
09 May 2023, 20:06
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-noinfo | |
References | (MISC) https://support.illumina.com/downloads/illumina-universal-copy-service-1-0.html - Vendor Advisory | |
References | (MISC) https://www.cisa.gov/news-events/ics-medical-advisories/icsma-23-117-01 - Third Party Advisory, US Government Resource | |
First Time |
Illumina miniseq
Illumina iseq 100 Firmware Illumina nextseq 550 Firmware Illumina novaseq 6000 Firmware Illumina miseqdx Firmware Illumina nextseq 550 Illumina novaseq 6000 Illumina miseq Firmware Illumina nextseq 500 Illumina Illumina miniseq Firmware Illumina iseq 100 Illumina nextseq 550dx Illumina nextseq 500 Firmware Illumina iscan Illumina nextseq 2000 Firmware Illumina nextseq 1000 Firmware Illumina nextseq 1000 Illumina miseqdx Illumina nextseq 2000 Illumina nextseq 550dx Firmware Illumina miseq Illumina iscan Firmware |
|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
CPE | cpe:2.3:o:illumina:nextseq_550dx_firmware:4.0:*:*:*:ruo:*:*:* cpe:2.3:o:illumina:novaseq_6000_firmware:1.8:*:*:*:*:*:*:* cpe:2.3:h:illumina:miseq:-:*:*:*:*:*:*:* cpe:2.3:o:illumina:novaseq_6000_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:illumina:miseqdx_firmware:*:*:*:*:-:*:*:* cpe:2.3:o:illumina:iscan_firmware:4.0.0:*:*:*:*:*:*:* cpe:2.3:o:illumina:miseq_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:illumina:nextseq_500_firmware:4.0:*:*:*:*:*:*:* cpe:2.3:o:illumina:iseq_100_firmware:*:*:*:*:*:*:*:* cpe:2.3:o:illumina:iscan_firmware:4.0.5:*:*:*:*:*:*:* cpe:2.3:o:illumina:nextseq_2000_firmware:1.4.1:*:*:*:*:*:*:* cpe:2.3:h:illumina:nextseq_2000:-:*:*:*:*:*:*:* cpe:2.3:o:illumina:miniseq_firmware:*:*:*:*:*:*:*:* cpe:2.3:h:illumina:miseqdx:-:*:*:*:*:*:*:* cpe:2.3:o:illumina:miseqdx_firmware:4.0:*:*:*:ruo:*:*:* cpe:2.3:h:illumina:novaseq_6000:-:*:*:*:*:*:*:* cpe:2.3:h:illumina:nextseq_500:-:*:*:*:*:*:*:* cpe:2.3:h:illumina:miniseq:-:*:*:*:*:*:*:* cpe:2.3:o:illumina:nextseq_1000_firmware:1.4.1:*:*:*:*:*:*:* cpe:2.3:h:illumina:iscan:-:*:*:*:*:*:*:* cpe:2.3:h:illumina:nextseq_550dx:-:*:*:*:*:*:*:* cpe:2.3:h:illumina:nextseq_1000:-:*:*:*:*:*:*:* cpe:2.3:h:illumina:iseq_100:-:*:*:*:*:*:*:* cpe:2.3:o:illumina:nextseq_550_firmware:4.0:*:*:*:*:*:*:* cpe:2.3:h:illumina:nextseq_550:-:*:*:*:*:*:*:* cpe:2.3:o:illumina:nextseq_550dx_firmware:*:*:*:*:-:*:*:* |
28 Apr 2023, 22:22
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-04-28 19:15
Updated : 2023-12-10 15:01
NVD link : CVE-2023-1968
Mitre link : CVE-2023-1968
CVE.ORG link : CVE-2023-1968
JSON object : View
Products Affected
illumina
- nextseq_550dx
- miseq
- nextseq_550dx_firmware
- nextseq_1000
- miniseq_firmware
- nextseq_550
- miseqdx
- miniseq
- nextseq_500
- iscan_firmware
- novaseq_6000_firmware
- nextseq_1000_firmware
- iscan
- nextseq_2000
- nextseq_500_firmware
- novaseq_6000
- miseqdx_firmware
- miseq_firmware
- iseq_100_firmware
- nextseq_550_firmware
- iseq_100
- nextseq_2000_firmware
CWE