CVE-2023-1966

CVSS V2 None CVSS V3 None

Description

Instruments with Illumina Universal Copy Service v1.x and v2.x contain an unnecessary privileges vulnerability. An unauthenticated malicious actor could upload and execute code remotely at the operating system level, which could allow an attacker to change settings, configurations, software, or access sensitive data on the affected product.

Overview

CVE ID
CVE-2023-1966

Assigner
ics-cert@hq.dhs.gov

Vulnerability Status
Received

Published Version
2023-04-28T19:15:16

Last Modified Date
2023-04-28T19:15:16

Weakness Enumerations

CWE	URL
CWE-250	http://cwe.mitre.org/data/definitions/250.html

References

Reference URL	Reference Tags
https://support.illumina.com/downloads/illumina-universal-copy-service-1-0.html
https://www.cisa.gov/news-events/ics-medical-advisories/icsma-23-117-01

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2023-1966
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1966

History

Created	Old Value	New Value	Data Type	Notes
2023-04-28 20:01:26				Added to TrackCVE
2023-04-28 20:01:29			Weakness Enumeration	new