Description
Deserialization of untrusted data in Nuance PowerScribe allows an unauthorized attacker to execute code over a network.
CVSS breakdown
CVSS 3.1
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
E
Unchanged
RL
O
RC
Changed
Affected products
- Microsoft / Nuance PowerScribe 360 4.04.0 – 7.0.11.49
- Microsoft / Nuance PowerScribe 360 version 4.0.14.0.1 – 7.0.111.68
- Microsoft / Nuance PowerScribe 360 version 4.0.24.0.2 – 7.0.154.18
- Microsoft / Nuance PowerScribe 360 version 4.0.34.0.3 – 7.0.197.10
- Microsoft / Nuance PowerScribe 360 version 4.0.44.0.4 – 7.0.212.10
- Microsoft / Nuance PowerScribe 360 version 4.0.54.0.5 – 7.0.243.19
- Microsoft / Nuance PowerScribe 360 version 4.0.64.0.6 – 7.0.277.28
- Microsoft / Nuance PowerScribe 360 version 4.0.74.0.7 – 7.0.316.12
- Microsoft / Nuance PowerScribe 360 version 4.0.84.0.8 – 7.0.427.15
- Microsoft / Nuance PowerScribe 360 version 4.0.94.0.9 – 7.0.528.24
- Microsoft / Nuance PowerScribe One version 2019.12019.1 – 2019.1.96.6
- Microsoft / Nuance PowerScribe One version 2019.102019.10 – 2019.10.36.14
- Microsoft / Nuance PowerScribe One version 2019.22019.2 – 2019.2.9.11
- Microsoft / Nuance PowerScribe One version 2019.32019.3 – 2019.3.16.21
- Microsoft / Nuance PowerScribe One version 2019.42019.4 – 2019.4.9.17
- Microsoft / Nuance PowerScribe One version 2019.52019.5 – 2019.5.14.40
- Microsoft / Nuance PowerScribe One version 2019.62019.6 – 2019.6.36.40
- Microsoft / Nuance PowerScribe One version 2019.72019.7 – 2019.7.107.26
- Microsoft / Nuance PowerScribe One version 2019.82019.8 – 2019.8.43.19
- Microsoft / Nuance PowerScribe One version 2019.92019.9 – 2019.9.31.23
- Microsoft / PowerScribe One version 2023.1 SP2 Patch 112023.1 – 2023.2.3054
- Microsoft / PowerScribe One version 2023.1 SP3 Patch 62023.1 – 2023.3.9072