Cybersecurity researchers have uncovered firmware safety vulnerabilities within the Illumina iSeq 100 DNA sequencing instrument that, if efficiently exploited, may allow attackers to brick or plant persistent malware on inclined gadgets.
“The Illumina iSeq 100 used a really outdated implementation of BIOS firmware utilizing CSM [Compatibility Support Mode] mode and with out Safe Boot or normal firmware write protections,” Eclypsium stated in a report shared with The Hacker Information.
“This could permit an attacker on the system to overwrite the system firmware to both ‘brick’ the system or set up a firmware implant for ongoing attacker persistence.”
Whereas the Unified Extensible Firmware Interface (UEFI) is the fashionable alternative for the Primary Enter/Output System (BIOS), the firmware safety firm stated the iSeq 100 boots to an outdated model of BIOS (B480AM12 – 04/12/2018) that has identified vulnerabilities.
Additionally noticeably absent are protections to inform the {hardware} the place it might learn and write firmware, thereby permitting an attacker to change system firmware. Additionally not enabled is Safe Boot, thereby permitting malicious adjustments to the firmware to go undetected.
Eclypsium identified that it isn’t advisable for newer high-value belongings to assist CSM, because it’s mainly meant for outdated gadgets that may’t be upgraded and want to keep up compatibility. Following accountable disclosure, Illumina has launched a repair.
In a hypothetical assault state of affairs, an adversary may goal unpatched Illumina gadgets, escalate their privileges, and write arbitrary code to the firmware.
This isn’t the primary time extreme vulnerabilities have been disclosed in DNA gene sequencers from Illumina. In April 2023, a essential safety flaw (CVE-2023-1968, CVSS rating: 10.0) may have made it potential to listen in on community site visitors and remotely transmit arbitrary instructions.
“The power to overwrite firmware on the iSeq 100 would allow attackers to simply disable the system, inflicting important disruption within the context of a ransomware assault. This could not solely take a high-value system out of service, it could additionally probably take appreciable effort to get better the system through manually reflashing the firmware,” Eclypsium stated.
“This might considerably elevate the stakes within the context of a ransomware or cyberattack. Sequencers are essential to detecting genetic diseases, cancers, figuring out drug-resistant micro organism, and for the manufacturing of vaccines. This could make these gadgets a ripe goal for state-based actors with geopolitical motives along with the extra conventional monetary motives of ransomware actors.”