CVE-2025-7674

HIGH

Roche Diagnostics navify Monitoring <1.08.00 - DoS

Title source: llm

Description

Improper Input Validation vulnerability in Roche Diagnostics navify Monitoring allows an attacker to manipulate input data, which may lead to a denial of service (DoS) due to negatively impacting the server's performance. This vulnerability has no impact on data confidentiality or integrity. This issue affects navify Monitoring before 1.08.00.

References (1)

Core 1

Core References

Various Sources vendor-advisory

https://preview-owp.roche.com/content/dam/diagnostics/Blueprint/en/pdf/navify%20Monitoring%20-%20API%20Input%20Validation%20Vulnerability%20-%20Product%20Security%20Advisory.pdf

Scores

CVSS v4 7.1

EPSS 0.0026

EPSS Percentile 17.1%

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:N/AU:Y/R:U/V:D/RE:M/U:Green

CISA SSVC

Vulnrichment

Exploitation none

Automatable yes

Technical Impact partial

Details

CWE

CWE-20

Status published

Products (1)

Roche Diagnostics/navify Monitoring < 1.08.00

Published Aug 05, 2025

Tracked Since Feb 18, 2026