Illumina Local Run Manager — known CVE vulnerabilities
Every CVE whose affected-product data names Illumina Local Run Manager, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2022-1517 — CVSS 10.0 (critical): LRM utilizes elevated privileges. An unauthenticated malicious actor can upload and execute code remotely at the operating system level…
CVE-2022-1518 — CVSS 10.0 (critical): LRM contains a directory traversal vulnerability that can allow a malicious actor to upload outside the intended directory structure.
CVE-2022-1519 — CVSS 10.0 (critical): LRM does not restrict the types of files that can be uploaded to the affected product. A malicious actor can upload any file type…
CVE-2022-1521 — CVSS 9.1 (critical): LRM does not implement authentication or authorization by default. A malicious actor can inject, replay, modify, and/or intercept sensitive…
CVE-2022-1524 — CVSS 7.4 (high): LRM version 2.4 and lower does not implement TLS encryption. A malicious actor can MITM attack sensitive data in-transit, including…