CVE-2022-23748 Audinate CVE debrief

Who should care

Organizations that deploy Audinate Dante Discovery, especially endpoint, audio-network, and infrastructure administrators responsible for discovery or process-control components.

Technical summary

The supplied source corpus identifies the issue as a "Dante Discovery Process Control Vulnerability" in Audinate Dante Discovery and confirms it is cataloged by CISA as known exploited. No additional exploit mechanics, affected versions, or impact details are provided in the supplied materials. Operationally, the key defensive signal is the KEV listing, which elevates urgency regardless of the limited technical detail available here.

Defensive priority

High. CISA KEV inclusion indicates confirmed exploitation risk, so remediation should be scheduled immediately using vendor guidance or product discontinuation if no mitigation exists.

Recommended defensive actions

• Review the vendor advisory referenced in CISA’s KEV notes for mitigation or replacement steps.
• Apply any vendor-recommended mitigations as soon as possible.
• If mitigations are unavailable, discontinue use of Audinate Dante Discovery per CISA guidance.
• Verify whether Dante Discovery is deployed anywhere in your environment, including unmanaged or forgotten endpoints.
• Track exposure until remediation is complete and confirm the affected component is no longer reachable or in use.

Evidence notes

This debrief is based only on the supplied CISA KEV metadata and the official reference links included in the corpus. The corpus confirms the CVE ID, product name, KEV status, and CISA’s remediation guidance, but does not include the full vendor advisory text or detailed NVD narrative. Timing context uses the supplied CVE/KEV dates: published/modified 2025-02-06 and KEV due date 2025-02-27.

Official resources