CVE-2023-1491

A vulnerability was found in Max Secure Anti Virus Plus 19.0.2.1. It has been classified as critical. This affects the function 0x220020 in the library MaxCryptMon.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier VDB-223377 was assigned to this vulnerability.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.4 MEDIUM
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
VulDBCNA
4.4 MEDIUM
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 6%
VendorProductVersion
maxpcsecureanti_virus_plus
19.0.2.1
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://drive.google.com/file/d/1-h-6ijBvucNU-dYglWW5n4l2ys-MDAF9/view
https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1491
https://vuldb.com/?ctiid.223377
https://vuldb.com/?id.223377
https://drive.google.com/file/d/1-h-6ijBvucNU-dYglWW5n4l2ys-MDAF9/view
https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1491
https://vuldb.com/?ctiid.223377
https://vuldb.com/?id.223377