1. Home
  2. Mapping Frameworks
  3. Known Exploited Vulnerabilities Home
  4. Dante Discovery Process Control Vulnerability

Known Exploited Vulnerabilities CVE-2022-23748

Dante Discovery contains a process control vulnerability in mDNSResponder.exe that all allows for a DLL sideloading attack. A local attacker can leverage this vulnerability in the Dante Application Library to execute arbitrary code.

Mappings

Capability ID Capability Description Mapping Type ATT&CK ID ATT&CK Name Notes
CVE-2022-23748 Dante Discovery Process Control Vulnerability exploitation_technique T1203 Exploitation for Client Execution
Comments
An attacker with local access can exploit a DLL sideloading vulnerability by tricking mDNSResponder.exe into loading a malicious DLL, facilitating arbitrary code execution.
References
  1. https://cpr-zero.checkpoint.com/vulns/cprid-2193/
CVE-2022-23748 Dante Discovery Process Control Vulnerability exploitation_technique T1059 Command and Scripting Interpreter
Comments
An attacker with local access can exploit a DLL sideloading vulnerability by tricking mDNSResponder.exe into loading a malicious DLL, facilitating arbitrary code execution.
References
  1. https://cpr-zero.checkpoint.com/vulns/cprid-2193/