Product Security Updates
Windows SPNEGO Remote Code Execution Vulnerability (CVE-2025-47981)
August 13th, 2025
On July 8th, 2025, Microsoft published vulnerability notice CVE-2025-47981 which impacts computer systems running Windows 10 or Windows 11 operating systems. This vulnerability has a base CVSS v3.1 score of 9.8 Critical.
Beckman Coulter Life Sciences has assessed the vulnerability for applicability to our products and impact to system security. Action is required for the products listed below if they are running Windows 10 or later.
| Product | Required Action |
|---|---|
| AQUIOS CL Flow Cytometer | Continue to install routine operating system patches following the instructions in Appendix F of the AQUIOS CL Flow Cytometer Instructions for Use. |
| Biomek 4000 Automated Liquid Handler | Ensure that the automatic Windows Update feature of your automation controller PC is enabled as described in the Biomek Software Reference Manual. |
| Biomek i-Series Automated Liquid Handlers | Ensure that the automatic Windows Update feature of your automation controller PC is enabled as described in the Biomek Software Reference Manual. |
| CellMek SPS Sample Preparation System | Continue to install routine operating system patches following the instructions in Appendix G of the CellMek SPS Sample Preparation Instrument Instructions for Use. |
| Cydem VT Automated Clone Screening System | Ensure that the automatic Windows Update feature of your automation controller PC is enabled as described in the Cydem VT Automated Cell Culture System Instructions for Use. |
| CytoFLEX Flow Cytometer | Review your configuration to ensure that a firewall is configured following the instructions in Appendix G of the CytoFLEX Platform Instructions for Use. Continue to install routine operating system patches following the instructions in Appendix G of the CytoFLEX Platform Instructions for Use. |
| CytoFLEX mosaic Spectral Detection Module | Review your configuration to ensure that a firewall is configured following the instructions in Appendix E of the CytoFLEX mosaic Spectral Detection Module Instructions for Use. Continue to install routine operating system patches following the instructions in Appendix E of the CytoFLEX mosaic Spectral Detection Module Instructions for Use. |
| CytoFLEX nano Flow Cytometer | Review your configuration to ensure that a firewall is configured following the instructions in Appendix C of the CytoFLEX nano Cytometer Instructions for Use. Continue to install routine operating system patches following the instructions in Appendix C of the CytoFLEX nano Cytometer Instructions for Use. |
| CytoFLEX SRT Benchtop Cell Sorter | Review your configuration to ensure that a firewall is configured following the instructions in Appendix E of the CytoFLEX SRT Cell Sorter Instructions for Use. Continue to install routine operating system patches following the instructions in Appendix E of the CytoFLEX SRT Cell Sorter Instructions for Use. |
| DxFLEX Flow Cytometer |
For devices using a Windows 10 workstation with a system image not provided by Beckman Coulter, a new, urgent operating system patch has been released for this product. Install the patch following the instructions in Appendix D of the DxFLEX Flow Cytometer Instructions for Use. Any RSUWIN10-DxFLEX cumulative operating system update dated July 2025 or later will mitigate the vulnerability. For devices using a Windows 10 workstation with a system image provided by Beckman Coulter, mitigations are in place to protect the product. Continue to install routine operating system patches following the instructions in Appendix D of the DxFLEX Flow Cytometer Instructions for Use. |
| Kaluza Analysis Software | Review your configuration to ensure that a firewall is configured following the instructions in Appendix G of the Kaluza Analysis Flow Cytometry Software Instructions for Use. Continue to install routine operating system patches following the instructions in Appendix G of the Kaluza Analysis Flow Cytometry Software Instructions for Use. |
| Kaluza C Analysis Software | Review your configuration to ensure that a firewall is configured following the instructions in Appendix G of the Kaluza C Flow Cytometry Software Instructions for Use. Continue to install routine operating system patches following the instructions in Appendix G of the Kaluza C Flow Cytometry Software Instructions for Use. |
| Navios Flow Cytometer | A new, urgent operating system patch has been released for this product. Install the patch following the instructions in Appendix C of the Navios Flow Cytometer Instructions for Use. Any RSU-WIN10-Navios cumulative operating system update dated July 2025 or later will mitigate the vulnerability. |
| Navios EX Flow Cytometer | A new, urgent operating system patch has been released for this product. Install the patch following the instructions in Appendix C of the Navios EX Flow Cytometer Instructions for Use. Any RSU-WIN10-NaviosEX cumulative operating system update dated July 2025 or later will mitigate the vulnerability. |
The following products have been assessed and have no required action:
- LS 13 320 XR Particle Size Analyzer
- Optima MAX-TL Ultracentrifuge
- Optima MAX-XP Ultracentrifuge
- TQ-Prep Workstation
This notice may be updated if our security risk assessment process indicates additional action is required. If you have questions about products that are not listed here, contact your authorized Beckman Coulter Field Service Representative.
MET ONE 3400+ Potential Credential Exposure (CVE-2025-0941)
February 18th, 2025
Beckman Coulter Life Sciences, through its vulnerability management processes, has identified a vulnerability in its MET ONE 3400+ Series instruments for which there is now a solution.
Specifically, under rare conditions, MET ONE 3400+ instruments running software version 1.0.41 may temporarily store credentials in plain text within a certain area of the system. Versions prior to 1.0.41 are not impacted. This data is not available to unauthenticated users.
Beckman Coulter Life Sciences has assessed this vulnerability as medium severity, with a score of 5.8 using the CVSS v3.1 specification.
The vulnerability has been fixed in software version 1.0.42. To upgrade to this software version, contact your authorized Beckman Coulter Field Service Representative.
Windows 10 IoT Enterprise LTSB 2015 Servicing Stack Update (CVE-2024-43491)
October 2nd, 2024
On September 10th, 2024, Microsoft published vulnerability notice CVE-2024-43491 which impacts computer systems running the Windows 10 Enterprise 2015 LTSB or Windows 10 IoT Enterprise 2015 LTSB operating systems. This vulnerability has a base CVSS v3.1 score of 9.8 Critical and has been added to the Known Exploited Vulnerabilities list by the United States Cybersecurity & Infrastructure Security Agency.
Beckman Coulter Life Sciences, through its vulnerability management processes, has identified the following products that are in scope of Microsoft’s notice CVE-2024-43491:
- i5 Automated Liquid Handler
- Biomek Automated Liquid Handler
- Biomek FXP Workstation
- Biomek NXP Automated
- Biomek 4000 Automated Liquid
This notice is only applicable to the above products using Windows 10 Enterprise 2015 LTSB or Windows 10 IoT Enterprise 2015 LTSB on their automation controller PCs. Users can check their Windows version by entering “winver” in the Run feature of the Start Menu of the PC.
Users of these devices are strongly advised to check that the automatic Windows Update feature of your automation controller PC is enabled as described in the Biomek Software Reference Manual (PN B56358). If automatic Windows updates have been disabled, users are strongly advised to apply the Windows patch KB5043083. Information for this patch can be found at the following site:
https://support.microsoft.com/en-us/topic/september-10-2024-kb5043083-os-build-10240- 20766-5a6c8182-b565-4b11-b127-97893b866ba1
