Researchers discovered critical BIOS/UEFI vulnerabilities in the Illumina iSeq 100 DNA sequencer, where the device utilizes an outdated firmware implementation with CSM mode lacking essential security features like Secure Boot and firmware write protections.   The vulnerability window allows attackers to exploit the system, potentially overwriting the firmware to either disable the device or install malicious […]
  • Alphane Moon@lemmy.worldEnglish
    17·
    3 months ago

    Headline should have included that this for the iSeq 100.

    I am surprised that such devices are not air-gapped.

  • lurch (he/him)English
    2·
    3 months ago

    dood. if the attacker can access BIOS/UEFI of your DNA sequencer, the firmware is the least of your problems. i mean, it’s not great it’s vulnerable, but that tool should have a minimal hardened, read-only OS.