Improper Input Validation in Roche Diagnostics navify Monitoring
CVE-2025-7674

7.1HIGH

Key Information:

Vendor: Roche Diagnostics
Status: Navify Monitoring
Vendor: CVE Published:; 5 August 2025

🔔 Create Roche Diagnostics Vulnerability Alert

What is CVE-2025-7674?

Roche Diagnostics' navify Monitoring is affected by an improper input validation vulnerability, which allows attackers to manipulate input data leading to a denial of service (DoS). This issue arises from flaws in how the software handles incoming data, adversely affecting server performance under certain conditions. It's important to note that this vulnerability does not compromise data confidentiality or integrity. Affected versions are those prior to 1.08.00, and it is crucial for users to update their systems to mitigate potential disruptions.

Affected Version(s)

navify Monitoring 0 < 1.08.00

References

https://preview-owp.roche.com/content/dam/diagnostics/Blu...

vendor-advisory

CVSS V4

Score:

7.1

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 5, 2025
Vulnerability Reserved
Jul 15, 2025