Back to KEVs

CVE-2022-23748

mDNSResponder.exe is vulnerable to DLL Sideloading attack. Executable improperly specifies how to load the DLL, from which folder and under what...

Basic Information

CVE State
PUBLISHED
Reserved Date
January 19, 2022
Published Date
November 17, 2022
Last Updated
February 06, 2025
Vendor
n/a
Product
Audinate Dante Application Library for Windows
Description
mDNSResponder.exe is vulnerable to DLL Sideloading attack. Executable improperly specifies how to load the DLL, from which folder and under what conditions. In these scenarios, a malicious attacker could be using the valid and legitimate executable to load malicious files.

CVSS Scores

SSVC Information

Exploitation
active
Technical Impact
total

Exploit Status

Exploited in the Wild
Yes (added 2025-02-06 00:00:00 UTC) Source

References

https://cpr-zero.checkpoint.com/vulns/cprid-2193/%2C https://www.audinate.com/learning/faqs/audinate-response-to-dante-discovery-mdnsresponder-exe-security-issue-cve-2022-23748

Known Exploited Vulnerability Information

Source Added Date
CISA 2025-02-06 00:00:00 UTC