CVE-2023-1492

Name of the Vulnerable Software and Affected Versions Max Secure Anti Virus Plus version 19.0.2.1

Description A vulnerability was found in the library MaxProc64.sys of the component IoControlCode Handler, affecting the function 0x220019. The manipulation of the SystemBuffer argument leads to denial of service. This issue requires local attacking to be exploited. The exploit has been disclosed to the public.

Recommendations For Max Secure Anti Virus Plus version 19.0.2.1, as a temporary workaround, consider restricting access to the IoControlCode Handler component until a patch is available. Additionally, avoid using the SystemBuffer argument in the affected library until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.