top of page

Active Alerts

As a reminder, BIO-ISAC will facilitate the ethical submission of your findings, please view our disclosure process for more information.

Illumina CVE
April 2023

Active! An ICS Medical Advisory regarding Illumina Universal Copy Service (UCS) regarding binding to an unrestricted IP address and execution with unnecessary privileges. Successful exploitation of these vulnerabilities could allow an attacker to take any action at the operating system level.

CVE details: 

- CVE-2023-1968 has been assigned a CVSS v3 base score of 10/10 

CVE-2023-1966 has been assigned a CVSS v3 base score of 7.4/10 

In response, FDA issued a notification letter to health providers detailing the extent of the vulnerability and sourcing key materials and checkpoints for practitioners. 

If your organization is impacted as a result of this vulnerability and require assistance from BIO-ISAC, please email help@isac.bio. We will continue to update the community regarding this vulnerability.

Illumina CVE
June 2022

Active! Critical Vulnerability in Illumina software (LRM) - CVSS 10/10 - Fix ASAP

(Includes hashes for patch, as verified with Illumina by BIO-ISAC)

BIO-ISAC has followed up on this vulnerability and has been able to positively confirm the hashes (file identity signature) for the patch that Illumina created for these critical vulnerabilities. Many of you asked for confirmation and BIO-ISAC engaged with Illumina to ensure that you are not installing a maliciously modified or patch that an opportunist attacker may have taken advantage of given that Illumina had not publicly confirmed the hashes for the correct patch - information below. 

 

Patch File Name: LocalRunManagerSecurityPatch.msi

SHA256: 595b724f1c5b4bac446001400b38b748b4ef05520b5489ea4711a2a4289e721a

SHA512: 52b5cfdc462b10011027e94f184c2f0da25b0b1363fddb7fa5793938d11f976259a7f73e77c2fd157f560439ec3df70446aa561b586dc8ef94db2ed95fcce841

For those of you who are not yet members of the BIO-ISAC, please consider joining the organization - it helps us do this vital work of engagement and vulnerability disclosure/follow through. Membership in the org also allows us to create programs like our emergency threat hunting service with our founding member John Hopkins Advanced Physics Laboratory (JHU APL). More about that program, including how to become involved for your organization, is detailed here: https://www.wired.com/story/biotech-security-threats/ and https://www.isac.bio/post/bio-isac-partners-to-provide-free-emergency-threat-hunting-service-to-bioeconomy-companies.

Thank you again to everyone involved. 

Tardigrade

Active! An APT attack on vaccine manufacturing infrastructure.  More info.

bottom of page