CyberSecurity news

FlagThis - #Illumina

MalBot@malware.news - 52d

Illumina DNA Sequencer Vulnerable BIOS Found

Researchers at Eclypsium have uncovered critical security flaws in the Illumina iSeq 100 DNA gene sequencer. The device utilizes an outdated BIOS firmware implementation, employing Compatibility Support Mode (CSM) without Secure Boot or standard firmware write protections. This vulnerability allows an attacker with system access to overwrite the firmware. This could potentially disable the device entirely or install persistent malware.

The identified security gaps underscore the substantial risks associated with reusing commodity hardware and neglecting regular firmware updates. The lack of modern security measures in the iSeq 100 presents a major supply chain vulnerability. This also highlights the need for stringent security protocols and configuration management to protect devices that handle sensitive genomic data, as outlined by NIST guidelines published in 2023.

Share: bluesky twitterx--v2 facebook--v1 threads


References :
  • malware.news: Genetic Engineering Meets Reverse Engineering: DNA Sequencer's Vulnerable BIOS
  • eclypsium.com: Genetic Engineering Meets Reverse Engineering: DNA Sequencer's Vulnerable BIOS
  • : Eclypsium identified BIOS/UEFI vulnerabilities in a popular DNA gene sequencer by healthcare technology vendor Illumina.
  • The Hacker News: Researchers Uncover Major Security Flaw in Illumina iSeq 100 DNA Sequencers
  • BleepingComputer: BIOS/UEFI vulnerabilities in the iSeq 100 DNA sequencer from U.S. biotechnology company Illumina could let attackers disable devices used for detecting illnesses and developing vaccines.
  • gbhackers.com: Critical BIOS/UEFI Vulnerabilities Allow Attackers To Overwrite System Firmware
  • securityonline.info: DNA Sequencer BIOS Vulnerabilities Pose Significant Supply Chain Risks
  • securityonline.info: DNA Sequencer BIOS Vulnerabilities Pose Significant Supply Chain Risks
  • ciso2ciso.com: Insecure Medical Devices — Illumina DNA Sequencer Illuminates Risks
Classification:
  • HashTags: #Illumina #BIOS #SupplyChain
  • Company: Illumina
  • Target: Illumina Sequencers
  • Product: iSeq 100
  • Feature: BIOS Vulnerability
  • Type: Vulnerability
  • Severity: Major

Blogs

Research Tools