Healthcare providers using Illumina genetic sequencing instruments are advised to immediately patch the device software against a new vulnerability that could put patients in danger.
Affected devices include Illumina NextSeq 550Dx, MiSeqDx, NextSeq 500, NextSeq 550, MiSeq, iSeq, and MiniSeq next-generation sequencing instruments, the FDA said.
The vulnerability affects the Local Run Manager (LRM) software. An unauthorized user could exploit the vulnerability by:
- Taking control of the instrument remotely;
- Operating the system to alter settings, configurations, software, or data on the instrument or a customer’s network; or
- Impacting patient test results in the instruments intended to provide no results or incorrect results, altered results, or a potential data breach.
The medical devices are used to test for genetic conditions and genetic sequencing, the bug,could be exploited by threat actors to take over the Illumina instruments. That would allow them to alter the operating system, access a customer’s network, tamper with test results, or even steal data.
There are no reports of the bug being exploited, the FDA asks users to report any adverse events or suspected adverse events experienced with Illumina’s next-generation sequencing instruments.