Unrated severityNVD Advisory· Published Feb 14, 2022· Updated Nov 8, 2024

CVE-2022-23410

Description

AXIS IP Utility before 4.18.0 allows for remote code execution and local privilege escalation by the means of DLL hijacking. IPUtility.exe would attempt to load DLLs from its current working directory which could allow for remote code execution if a compromised DLL would be placed in the same folder.

Affected products

Axis Communications Ab/Axis Ip Utilityv5
Range: All version prior to 4.18.0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.axis.com/files/tech_notes/CVE-2022-23410.pdfmitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000