Cybersecurity researchers have uncovered firmware safety vulnerabilities within the Illumina iSeq 100 DNA sequencing instrument that, if efficiently exploited, may allow attackers to brick or plant persistent malware on vulnerable units.
“The Illumina iSeq 100 used a really outdated implementation of BIOS firmware utilizing CSM [Compatibility Support Mode] mode and with out Safe Boot or customary firmware write protections,” Eclypsium mentioned in a report shared with The Hacker Information.
“This might permit an attacker on the system to overwrite the system firmware to both ‘brick’ the machine or set up a firmware implant for ongoing attacker persistence.”
Whereas the Unified Extensible Firmware Interface (UEFI) is the trendy substitute for the Primary Enter/Output System (BIOS), the firmware safety firm mentioned the iSeq 100 boots to an previous model of BIOS (B480AM12 – 04/12/2018) that has identified vulnerabilities.
Additionally noticeably absent are protections to inform the {hardware} the place it might probably learn and write firmware, thereby permitting an attacker to switch machine firmware. Additionally not enabled is Safe Boot, thereby permitting malicious adjustments to the firmware to go undetected.
Eclypsium identified that it isn’t advisable for newer high-value property to assist CSM, because it’s mainly meant for previous units that may’t be upgraded and wish to take care of compatibility. Following accountable disclosure, Illumina has launched a repair.
In a hypothetical assault state of affairs, an adversary may goal unpatched Illumina units, escalate their privileges, and write arbitrary code to the firmware.
This isn’t the primary time extreme vulnerabilities have been disclosed in DNA gene sequencers from Illumina. In April 2023, a vital safety flaw (CVE-2023-1968, CVSS rating: 10.0) may have made it attainable to snoop on community visitors and remotely transmit arbitrary instructions.
“The power to overwrite firmware on the iSeq 100 would allow attackers to simply disable the machine, inflicting vital disruption within the context of a ransomware assault. This might not solely take a high-value machine out of service, it will additionally probably take appreciable effort to get well the machine by way of manually reflashing the firmware,” Eclypsium mentioned.
“This might considerably elevate the stakes within the context of a ransomware or cyberattack. Sequencers are vital to detecting genetic diseases, cancers, figuring out drug-resistant micro organism, and for the manufacturing of vaccines. This might make these units a ripe goal for state-based actors with geopolitical motives along with the extra conventional monetary motives of ransomware actors.”
