CVE-2020-12122
HIGHMax Secure Max Spyware Detector 1.0.0.044 - Denial of Service via IOCtl 0x2200019
Title source: llmDescription
In Max Secure Max Spyware Detector 1.0.0.044, the driver file (MaxProc64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x2200019. (This also extends to the various other products from Max Secure that include MaxProc64.sys.)
References (3)
Core 3
Core References
Product x_refsource_misc
https://www.maxpcsecure.com/spywaredetector.htm
Product x_refsource_misc
https://github.com/FULLSHADE/Kernel-exploits
Exploit, Third Party Advisory x_refsource_misc
https://github.com/FULLSHADE/Kernel-exploits/tree/master/MaxProc64.sys
Scores
CVSS v3
7.8
EPSS
0.0047
EPSS Percentile
36.9%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-20
Status
published
Products (1)
maxpcsecure/max_spyware_detector
1.0.0.044
Published
Feb 05, 2021
Tracked Since
Feb 18, 2026