CVE-2025-7674 HIGH

CVE-2025-7674: navify Monitoring API input validation

Vendor Roche Diagnostics
Product navify Monitoring
Weakness CWE-20 · Input validation
Published August 5, 2025
Last update August 5, 2025

CVSS base score

7.1/10
Attack vector Network
Attack complexity Low
Privileges required Low
User interaction None
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/S:N/AU:Y/R:U/V:D/RE:M/U:Green

What the vulnerability does

01Description

Improper Input Validation vulnerability in Roche Diagnostics navify Monitoring allows an attacker to manipulate input data, which may lead to a denial of service (DoS) due to negatively impacting the server's performance. This vulnerability has no impact on data confidentiality or integrity. This issue affects navify Monitoring before 1.08.00.

Key dates

02Disclosure timeline

August 5, 2025 CVE published
August 5, 2025 Record updated