CVE-2022-23748 - Dante Discovery Process Control Vulnerability

Audinate | Dante Discovery

• Date Added:
• 2025-02-06

• Due Date:
• 2025-02-27

Vulnerability Name

Dante Discovery Process Control Vulnerability

Description

Dante Discovery contains a process control vulnerability in mDNSResponder.exe that all allows for a DLL sideloading attack. A local attacker can leverage this vulnerability in the Dante Application Library to execute arbitrary code.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes

https://www.getdante.com/support/faq/audinate-response-to-dante-discovery-mdnsresponder-exe-security-issue-cve-2022-23748/ ; https://nvd.nist.gov/vuln/detail/CVE-2022-23748

Related News Articles

XE Hacker Group Exploits VeraCore Zero-Day to Deploy Persistent Web ShellsFebruary 10, 2025