Active!
An ICS Medical Advisory regarding Illumina Universal Copy Service (UCS) regarding binding to an unrestricted IP address and execution with unnecessary privileges. Successful exploitation of these vulnerabilities could allow an attacker to take any action at the operating system level.
CVE details:
- CVE-2023-1968 has been assigned a CVSS v3 base score of 10/10
- CVE-2023-1966 has been assigned a CVSS v3 base score of 7.4/10
In response, FDA issued a notification letter to health providers detailing the extent of the vulnerability and sourcing key materials and checkpoints for practitioners.
If your organization is impacted as a result of this vulnerability and require assistance from BIO-ISAC, please email help@isac.bio. We will continue to update the community regarding this vulnerability.