Detections
Analytics

CVE-2020-12122

high

Description

In Max Secure Max Spyware Detector 1.0.0.044, the driver file (MaxProc64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x2200019. (This also extends to the various other products from Max Secure that include MaxProc64.sys.)

References

https://www.maxpcsecure.com/spywaredetector.htm

https://github.com/FULLSHADE/Kernel-exploits/tree/master/MaxProc64.sys

https://github.com/FULLSHADE/Kernel-exploits

Details

Source: Mitre, NVD

Published: 2021-02-05

Updated: 2021-07-21

Risk Information

CVSS v2

Base Score: 4.6

Vector: CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P

Severity: Medium

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High

EPSS

EPSS: 0.00054