The U.S. government has sounded the alarm about a critical software vulnerability found in genomics giant Illumina’s DNA sequencing devices, which hackers can exploit to modify or steal patients’ sensitive medical data.
In separate advisories released on Thursday, U.S. cybersecurity agency CISA and the U.S. Food and Drug Administration warned that the security flaw — tracked as CVE-2023-1968 with the maximum vulnerability severity rating of 10 out of 10 — allows hackers to remotely access an affected device over the internet without needing a password. If exploited, the bug could allow hackers to compromise devices to produce incorrect or altered results, or none at all.
The advisories also warn of a second vulnerability, tracked as CVE-2023-1966 with a lower severity rating of 7.4 out of 10. The bug could allow attackers to remotely upload and run malicious code at the operating system level, allowing them to alter settings and access sensitive data on the affected pro …
