Denial of Service Vulnerability in Max Secure Max Spyware Detector 1.0.0.044

Denial of Service Vulnerability in Max Secure Max Spyware Detector 1.0.0.044

CVE-2020-12122 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

In Max Secure Max Spyware Detector 1.0.0.044, the driver file (MaxProc64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x2200019. (This also extends to the various other products from Max Secure that include MaxProc64.sys.)

Learn more about our User Device Pen Test.