CVE-2022-23748
CVE-2022-23748
In short
mDNSResponder.exe can be tricked into loading a fake DLL file from an attacker's folder instead of the legitimate one. An attacker can exploit this by placing a malicious DLL in the same directory as the program, allowing them to run harmful code with the program's privileges.
Technical detail
DLL sideloading vulnerability in mDNSResponder.exe due to improper DLL search path specification. An attacker can place a malicious DLL in a predictable location (e.g., application directory) to hijack legitimate DLL loading, achieving code execution with the privileges of the running process. Requires local file write access to the target directory.
Summary generated and translated by AI from the official description.
mDNSResponder.exe is vulnerable to DLL Sideloading attack. Executable improperly specifies how to load the DLL, from which folder and under what conditions. In these scenarios, a malicious attacker could be using the valid and legitimate executable to load malicious files.
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Affected products
n/a · Audinate Dante Application Library for WindowsWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →