CVE-2025-7674
BaseFortify
Publication date: 2025-08-05
Last updated on: 2025-08-05
Assigner: Roche Diagnostics
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| roche | navify_monitoring | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-20 | The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an Improper Input Validation issue in Roche Diagnostics navify Monitoring before version 1.08.00. It allows an attacker to manipulate input data, which can negatively impact the server's performance and potentially cause a denial of service (DoS). It does not affect data confidentiality or integrity.
How can this vulnerability impact me? :
The vulnerability can lead to a denial of service (DoS) by degrading the server's performance, which may cause service interruptions or unavailability. However, it does not compromise data confidentiality or integrity.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
This vulnerability does not impact data confidentiality or integrity, so it is unlikely to directly affect compliance with standards and regulations focused on data protection such as GDPR or HIPAA. However, denial of service could affect availability requirements depending on the specific regulatory context.