CVE-2020-12122

HIGH

Max Secure Max Spyware Detector 1.0.0.044 - Denial of Service via IOCtl 0x2200019

Title source: llm
STIX 2.1

Description

In Max Secure Max Spyware Detector 1.0.0.044, the driver file (MaxProc64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x2200019. (This also extends to the various other products from Max Secure that include MaxProc64.sys.)

References (3)

Core 3
Core References
Exploit, Third Party Advisory x_refsource_misc
https://github.com/FULLSHADE/Kernel-exploits/tree/master/MaxProc64.sys

Scores

CVSS v3 7.8
EPSS 0.0047
EPSS Percentile 36.9%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-20
Status published
Products (1)
maxpcsecure/max_spyware_detector 1.0.0.044
Published Feb 05, 2021
Tracked Since Feb 18, 2026