← back
CVE-2020-12122

CVE-2020-12122

EPSS 0.5%
Vexday Risk Score
3Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS EPSS 0.5%KEV nãoPoC Nuclei Metasploit Patch
Lifecycle
05 Feb 2021Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
In Max Secure Max Spyware Detector 1.0.0.044, the driver file (MaxProc64.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x2200019. (This also extends to the various other products from Max Secure that include MaxProc64.sys.)
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://github.com/FULLSHADE/Kernel-exploitshttps://github.com/FULLSHADE/Kernel-exploits/tree/master/MaxProc64.syshttps://www.maxpcsecure.com/spywaredetector.htm