CVE-2022-23410

CVE-2022-23410

Vendor Axis Communications Ab
Product AXIS IP Utility
Weakness CWE-427
Published February 14, 2022
Last update November 8, 2024

CVSS base score

What the vulnerability does

01Description

AXIS IP Utility before 4.18.0 allows for remote code execution and local privilege escalation by the means of DLL hijacking. IPUtility.exe would attempt to load DLLs from its current working directory which could allow for remote code execution if a compromised DLL would be placed in the same folder.

Key dates

02Disclosure timeline

February 14, 2022 CVE published
November 8, 2024 Record updated