CVE-2022-23748
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
17/11/2022
Last modified:
24/10/2025
Description
mDNSResponder.exe is vulnerable to DLL Sideloading attack. Executable improperly specifies how to load the DLL, from which folder and under what conditions. In these scenarios, a malicious attacker could be using the valid and legitimate executable to load malicious files.
Impact
Base Score 3.x
7.80
Severity 3.x
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:a:audinate:dante_application_library:*:*:*:*:*:*:*:* | 1.2.0 (including) | |
| cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page
References to Advisories, Solutions, and Tools
- https://cpr-zero.checkpoint.com/vulns/cprid-2193/%2C
- https://www.audinate.com/learning/faqs/audinate-response-to-dante-discovery-mdnsresponder-exe-security-issue-cve-2022-23748
- https://cpr-zero.checkpoint.com/vulns/cprid-2193/%2C
- https://www.audinate.com/learning/faqs/audinate-response-to-dante-discovery-mdnsresponder-exe-security-issue-cve-2022-23748
- https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2022-23748