Vulnerability in Illumina Iscan Control Software
CVE-2023-1968
Instruments with Illumina Universal Copy Service v2.x are vulnerable due to binding to an unrestricted IP address. An unauthenticated malicious actor could use UCS to listen on all IP addresses, including those capable of accepting remote…
EPSS: 0.001 (34.9th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 10.0 (Critical). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H.
Affected products
- Illumina Iscan Control Software — versions 4.0.0, 4.0.5
- Illumina Iseq 100 — versions All versions
- Illumina Miniseq Control Software — versions 2.0
- Illumina Miseq Control Software — versions 4.0 (RUO Mode)
- Illumina Miseqdx Operating Software — versions 4.0.1
- Illumina Nextseq 1000/2000 Control Software — versions 0
- Illumina Nextseq 500/550 Control Software — versions 4.0
- Illumina Nextseq 550dx Control Software — versions 4.0 (RUO Mode)
- Illumina Nextseq 550dx Operating Software — versions 1.0.0 , 1.3.3
- Illumina Novaseq 6000 Control Software — versions 0
Weakness classification (CWE)
References
Frequently asked questions
- What is CVE-2023-1968?
- CVE-2023-1968 is a critical-severity vulnerability in Illumina Iscan Control Software, classified under CWE-1327. CVSS score: 10.0/10. Published 2023-04-28.
- How severe is CVE-2023-1968?
- Critical severity. CVSS v3 base score is 10.0 out of 10.