An issue was discovered on Thermo Fisher Ion Torrent OneTouch 2 INS1005527 devices. They run an SSH server accessible over the default port 22. The root account has a weak default password of ionadmin, and a password change policy for the root account is not enforced. Thus, an attacker with network connectivity can achieve root code execution. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
The device runs an SSH server listening on port 22 with a root account secured by the default password 'ionadmin'. Password change policy for the root account is not enforced, meaning the password can remain unchanged throughout the device's lifecycle. An attacker with network access to the device can log in via SSH using known, default credentials and obtain full root privileges without any additional escalation.
An attacker gains unlimited access to the system shell with root privileges, enabling complete device takeover, arbitrary code execution (RCE), data modification, and potential use of the device as an entry point to the laboratory network.
The manufacturer no longer issues updates for this product (no support). Recommended immediate actions: immediately change the default root password 'ionadmin' to a strong, unique password; isolate the device from public networks and unauthorized network segments (e.g., via firewall or VLAN); restrict access to port 22 only to trusted IP addresses; consider discontinuing the device and replacing it with a supported model.
Thermo Fisher Ion Torrent OneTouch 2 devices (model INS1005527) with Ion Torrent OneTouch 2 firmware. The vulnerability only affects products that are no longer supported by the manufacturer.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HThermofisher Ion Torrent Onetouch 2
HWThermofisherwszystkie wersjeThermofisher Ion Torrent Onetouch 2 Firmware
OSThermofisherwszystkie wersje
Related vulnerabilities
Niezabezpieczony serwer X11 w Thermo Fisher Ion Torrent OneTouch 2 umożliwia RCE z uprawnieniami root
Domyślne słabe poświadczenia w Thermo Fisher Torrent Suite Software
dataTaker DT8x dEX 1.72.007 allows remote attackers to compose programs or schedules, for purposes such as sen...
dataTaker DT80 dEX 1.50.012 allows remote attackers to obtain sensitive credential and configuration informati...
An issue was discovered in the Thermo Fisher Torrent Suite Django application 5.18.1. One of the middlewares i...