Authentication Vulnerability in Algo Edge Component by Roche Diagnostics
CVE-2024-13026

6.1MEDIUM

Key Information:

Vendor: Roche Diagnostics
Status: Algorithm Suite
Vendor: CVE Published:; 17 January 2025

🔔 Create Roche Diagnostics Vulnerability Alert

What is CVE-2024-13026?

An authentication vulnerability has been identified in the Algo Edge component, which is part of the navify® Algorithm Suite, used in laboratory networks. This vulnerability affects versions up to 2.1.1 and allows an attacker with adjacent network access to potentially craft valid authentication tokens, thus gaining unauthorized access to the Algo Edge system. Other components of the navify® Algorithm Suite remain unaffected. Organizations utilizing this software should evaluate their security posture and consider updating to mitigate potential risks.

Affected Version(s)

Algorithm Suite 0 < 2.1.2

References

https://diagnostics.roche.com/content/dam/diagnostics/Blu...

vendor-advisory

CVSS V4

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

High

Attack Required:

Physical

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jan 17, 2025
Vulnerability Reserved
Dec 29, 2024