CVE-2022-23748

HighKnown Exploited

mDNSResponder.exe is vulnerable to DLL Sideloading attack. Executable improperly specifies how to load the DLL, from which folder and under…

checkpoint·CWE-114·Published 2022-11-17

CVSS

7.8

EPSS

0.09

KEV

Yes

Exploits

cve.orgen

273 chars

mDNSResponder.exe is vulnerable to DLL Sideloading attack. Executable improperly specifies how to load the DLL, from which folder and under what conditions. In these scenarios, a malicious attacker could be using the valid and legitimate executable to load malicious files.

NVDen

273 chars

NVDes

307 chars

mDNSResponder.exe es vulnerable al ataque de carga lateral de DLL. El ejecutable especifica incorrectamente cómo cargar la DLL, desde qué carpeta y bajo qué condiciones. En estos escenarios, un atacante malintencionado podría estar utilizando el ejecutable válido y legítimo para cargar archivos maliciosos.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	7.8	—	—	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
3.1	Primary	cve.org	7.8	—	—	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
3.1	Primary	NVD	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
3.1	Secondary	NVD	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H