PT-2021-9440 · Max Secure · Max Secure Max Spyware Detector

Published: 2021-02-05 · Updated: 2021-07-21 · CVE-2020-12122

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Max Secure Max Spyware Detector version 1.0.0.044

Description

The driver file MaxProc64.sys does not validate input values from IOCtl 0x2200019, which allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact. The issue also extends to the various other products from Max Secure that include MaxProc64.sys.

Recommendations

For Max Secure Max Spyware Detector version 1.0.0.044, consider disabling the MaxProc64.sys driver file as a temporary workaround until a patch is available. Restrict access to the IOCtl 0x2200019 to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

RCE

Weakness Enumeration

Related Identifiers

CVE-2020-12122

Affected Products

Max Secure Max Spyware Detector