CVE-2025-30398

Summary

Missing authorization in Nuance PowerScribe allows an unauthorized attacker to disclose information over a network.

Affected Software

VendorProductVersion RangeStatus
MicrosoftNuance PowerScribe 360 version 4.0.14.0.1 < 7.0.111.66affected
MicrosoftNuance PowerScribe 360 version 4.0.24.0.2 < 7.0.154.16affected
MicrosoftNuance PowerScribe 360 version 4.0.34.0.3 < 7.0.197.8affected
MicrosoftNuance PowerScribe 360 version 4.0.44.0.4 < 7.0.212.9affected
MicrosoftNuance PowerScribe 360 version 4.0.54.0.5 < 7.0.243.17affected
MicrosoftNuance PowerScribe 360 version 4.0.64.0.6 < 7.0.277.26affected
MicrosoftNuance PowerScribe 360 version 4.0.74.0.7 < 7.0.316.9affected
MicrosoftNuance PowerScribe 360 version 4.0.84.0.8 < 7.0.427.13affected
MicrosoftNuance PowerScribe 360 version 4.0.94.0.9 < 7.0.528.18affected
MicrosoftNuance PowerScribe One version 2019.12019.1 < 2019.1.96.5affected
MicrosoftNuance PowerScribe One version 2019.102019.10 < 2019.10.36.4affected
MicrosoftNuance PowerScribe One version 2019.22019.2 < 2019.2.9.8affected
MicrosoftNuance PowerScribe One version 2019.32019.3 < 2019.3.16.20affected
MicrosoftNuance PowerScribe One version 2019.42019.4 < 2019.4.9.16affected
MicrosoftNuance PowerScribe One version 2019.52019.5 < 2019.5.14.39affected
MicrosoftNuance PowerScribe One version 2019.62019.6 < 2019.6.36.39affected
MicrosoftNuance PowerScribe One version 2019.72019.7 < 2019.7.107.21affected
MicrosoftNuance PowerScribe One version 2019.82019.8 < 2019.8.43.15affected
MicrosoftNuance PowerScribe One version 2019.92019.9 < 2019.9.31.19affected
MicrosoftPowerScribe One version 2023.1 SP2 Patch 72023.1 < 2023.2.3027.0affected

Weaknesses

  • CWE-862: CWE-862: Missing Authorization

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References