Vulnerability Details CVE-2020-12122
In Max Secure Max Spyware Detector 1.0.0.044, the driver file (MaxProc64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x2200019. (This also extends to the various other products from Max Secure that include MaxProc64.sys.)
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 17.0%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 4.6
References
- https://github.com/FULLSHADE/Kernel-exploits
- https://github.com/FULLSHADE/Kernel-exploits/tree/master/MaxProc64.sys
- https://www.maxpcsecure.com/spywaredetector.htm
- https://github.com/FULLSHADE/Kernel-exploits
- https://github.com/FULLSHADE/Kernel-exploits/tree/master/MaxProc64.sys
- https://www.maxpcsecure.com/spywaredetector.htm
Products affected by CVE-2020-12122
-
cpe:2.3:a:maxpcsecure:max_spyware_detector:1.0.0.044