Vulnerability Details CVE-2022-23410
AXIS IP Utility before 4.18.0 allows for remote code execution and local privilege escalation by the means of DLL hijacking. IPUtility.exe would attempt to load DLLs from its current working directory which could allow for remote code execution if a compromised DLL would be placed in the same folder.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.007
EPSS Ranking 71.5%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 4.4
References
Products affected by CVE-2022-23410
-
cpe:2.3:a:axis:ip_utility:-
-
cpe:2.3:a:axis:ip_utility:4.17.0