This updated advisory is a follow-up to the original advisory titled ICSA-22-153-02 Illumina Local Run Manager that was published June 22, 2022, on the ICS webpage on cisa.gov/ics.
Successful exploitation of these vulnerabilities may allow an unauthenticated malicious actor to take control of the affected product remotely and take any action at the operating system level. An attacker could impact settings, configurations, software, or data on the affected product and interact through the affected product with the connected network.
The following devices and instruments using LRM software are affected:
Illumina In Vitro Diagnostic (IVD) devices:
- NextSeq 550Dx: LRM Versions 1.3 to 3.1
- MiSeq Dx: LRM Versions 1.3 to 3.1
LRM utilizes elevated privileges. An unauthenticated malicious actor can upload and execute code remotely at the operating system level, which can allow an attacker to change settings, configurations, software, or access sensitive data on the affected product. An attacker could also exploit this vulnerability to access APIs not intended for general use and interact through the network.
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
