PT-2022-3965 · Illumina · Illumina Local Run Manager
Published
2022-06-24
·
Updated
2023-08-08
·
CVE-2022-1517
CVSS v3.1
10
Critical
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Illumina Local Run Manager (affected versions not specified)
Description
The issue is related to incorrect code generation management in Illumina Local Run Manager. An unauthenticated malicious actor can upload and execute code remotely at the operating system level. This can allow an attacker to change settings, configurations, software, or access sensitive data on the affected product. The attacker could also exploit this vulnerability to access APIs not intended for general use and interact through the network.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Improper Privilege Management
Unrestricted File Upload
Code Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Illumina Local Run Manager