Description
A vulnerability was found in Max Secure Anti Virus Plus 19.0.2.1. It has been declared as problematic. This vulnerability affects the function 0x220019 in the library MaxProc64.sys of the component IoControlCode Handler. The manipulation of the argument SystemBuffer leads to denial of service. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. VDB-223378 is the identifier assigned to this vulnerability.
References (4)
Core 4
Core References
Third Party Advisory vdb-entry
technical-description
https://vuldb.com/?id.223378
Permissions Required, Third Party Advisory signature
permissions-required
https://vuldb.com/?ctiid.223378
Exploit, Third Party Advisory related
https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1492
Scores
CVSS v3
5.5
EPSS
0.0032
EPSS Percentile
23.2%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Details
CWE
CWE-404
Status
published
Products (1)
maxpcsecure/anti_virus_plus
19.0.2.1
Published
Mar 18, 2023
Tracked Since
Feb 18, 2026