CVE-2022-23410

Name of the Vulnerable Software and Affected Versions AXIS IP Utility versions prior to 4.18.0

Description The issue allows for remote code execution and local privilege escalation through DLL hijacking. IPUtility.exe attempts to load DLLs from its current working directory, which could allow for remote code execution if a compromised DLL is placed in the same folder.

Recommendations For versions prior to 4.18.0, update to version 4.18.0 or later to resolve the issue. As a temporary workaround, consider restricting access to the directory where IPUtility.exe is located to minimize the risk of exploitation.