
Cybersecurity researchers have uncovered firmware security vulnerabilities in the Illumina iSeq 100 DNA sequencing instrument that, if successfully exploited, could permit attackers to brick or plant persistent malware on susceptible devices.
“The Illumina iSeq 100 used a very outdated implementation of BIOS firmware using CSM [Compatibility Support Mode] mode and without Secure Boot or standard firmware write protections,” Eclypsium said in a report shared with The Hacker News.
“This would allow an attacker on the system to overwrite the system firmware to either ‘brick’ the device or install a firmware implant for ongoing attacker persistence.”

While the Unified Extensible Firmware Interface (UEFI) is the modern replacement for the Basic Input/Output System (BIOS), the firmware security company said the iSeq 100 boots to an old version of BIOS (B480AM12 – 04/12/2018) that has known vulnerabilities.
Also noticeably absent are protections to tell the hardware where it can read and write firmware, thereby allowing an attacker to modify device firmware. Also not enabled is Secure Boot, thereby allowing malicious changes to the firmware to go undetected.
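A defender can check a host for the conditions described above (legacy/CSM boot, Secure Boot off, old firmware build). The following audit is an added example, not code from Eclypsium or Illumina; it assumes a Linux host exposing sysfs, and the function names and the three-year age threshold are illustrative choices. It does not cover flash write protections, which require reading chipset registers.

```python
import datetime
import tempfile
from pathlib import Path

# Standard EFI global-variable GUID; the efivarfs file is 4 attribute bytes + 1 data byte.
SECURE_BOOT_VAR = "SecureBoot-8be4df61-93ca-11d2-aa0d-00e098032b8c"

def audit_firmware_posture(sysfs_root="/sys", today=None, max_age_years=3):
    """Return findings for legacy boot, Secure Boot state and firmware age."""
    root = Path(sysfs_root)
    today = today or datetime.date.today()
    findings = []
    efi_dir = root / "firmware" / "efi"
    if not efi_dir.is_dir():
        # No EFI interface exposed: the OS was started via legacy BIOS / CSM.
        findings.append("legacy BIOS/CSM boot: Secure Boot cannot be enforced")
    else:
        try:
            data = (efi_dir / "efivars" / SECURE_BOOT_VAR).read_bytes()
        except OSError:
            data = b""
        if len(data) < 5 or data[4] != 1:
            findings.append("UEFI boot but Secure Boot is disabled or unreadable")
    dmi = root / "class" / "dmi" / "id"
    try:
        version = (dmi / "bios_version").read_text().strip()
        released = datetime.datetime.strptime(
            (dmi / "bios_date").read_text().strip(), "%m/%d/%Y").date()
    except (OSError, ValueError):
        findings.append("firmware version/date unavailable from DMI")
    else:
        age = (today - released).days / 365.25
        if age > max_age_years:
            findings.append(f"firmware {version} dated {released} is {age:.1f} years old")
    return findings

def build_sample_tree(uefi, secure_boot, bios_version, bios_date):
    """Constructed sysfs-like tree for offline runs (not captured from a real device)."""
    root = Path(tempfile.mkdtemp())
    dmi = root / "class" / "dmi" / "id"
    dmi.mkdir(parents=True)
    (dmi / "bios_version").write_text(bios_version + "\n")
    (dmi / "bios_date").write_text(bios_date + "\n")
    if uefi:
        ev = root / "firmware" / "efi" / "efivars"
        ev.mkdir(parents=True)
        (ev / SECURE_BOOT_VAR).write_bytes(b"\x06\x00\x00\x00" + bytes([secure_boot]))
    return root
```

Calling `audit_firmware_posture()` with no arguments reads the live `/sys` tree; an empty list means none of the three conditions was found.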

Eclypsium pointed out that it is not advisable for newer high-value assets to support CSM, as it is mainly meant for old devices that cannot be upgraded and need to maintain compatibility. Following responsible disclosure, Illumina has released a fix.
In a hypothetical attack scenario, an adversary could target unpatched Illumina devices, escalate their privileges, and write arbitrary code to the firmware.
This is not the first time severe vulnerabilities have been disclosed in DNA gene sequencers from Illumina. In April 2023, a critical security flaw (CVE-2023-1968, CVSS score: 10.0) could have made it possible to eavesdrop on network traffic and remotely transmit arbitrary commands.

“The ability to overwrite firmware on the iSeq 100 would enable attackers to easily disable the device, causing significant disruption in the context of a ransomware attack. This would not only take a high-value device out of service, it would also likely take considerable effort to recover the device via manually reflashing the firmware,” Eclypsium said.
“This could significantly raise the stakes in the context of a ransomware or cyberattack. Sequencers are critical to detecting genetic illnesses, cancers, identifying drug-resistant bacteria, and for the production of vaccines. This would make these devices a ripe target for state-based actors with geopolitical motives in addition to the more traditional financial motives of ransomware actors.”