AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

CVE-2022-47636: A DLL hijacking vulnerability has been discovered in OutSystems Service Studio 11 11.53.30 build 61739. When a user open

highvulnerability

security

Source: NVD/CVE DatabaseAugust 10, 2023CVE-2022-47636

Summary

A DLL hijacking vulnerability (a type of attack where malicious files with the same name as legitimate ones are loaded instead) was found in OutSystems Service Studio 11 version 11.53.30. When a user opens a .oml file (OutSystems Modeling Language, a file format used in OutSystems development), the application loads certain DLL files (dynamic link libraries, which are collections of code that programs use) from the same directory, and an attacker could place a crafted malicious DLL there to run arbitrary code (any commands they choose) with the privileges of the logged-in user.

Vulnerability Details

CVSS Score

7.8(high)

EPSS (30-day exploit probability)

EPSS: 0.1%

Classification

Attack SophisticationModerate

Taxonomy References

CWE (Weakness Type)

CWE-427

Original source: https://nvd.nist.gov/vuln/detail/CVE-2022-47636

First tracked: February 15, 2026 at 08:53 PM

Classified by LLM (prompt v3) · confidence: 95%