| Titolo | Max Secure Anti Virus Plus, MaxCryptMon.sys, DoS |
|---|
| Descrizione | Max Secure Anti Virus Plus x.x.x.x, MaxCryptMon.sys x.x.x.x, DoS
https://www.maxpcsecure.com/download.htm
Impact: Denial of Service
Description: From IoControlCode 0x220019, a normal user can cause DoS due to the lack of validating SystemBuffer.
Reproduce: In the attached file DoS.zip, there are DoS.exe, DoS.cpp, MaxAVPlusDM.exe, and MaxCryptMon.sys. DoS.exe is the PoC to cause BSOD where MaxAVPlusDM.exe which contains the vulnerable driver MaxCryptMon.sys is installed, and DoS.cpp is the source code of DoS.exe. To reproduce the issue, just install MaxAVPlusDM.exe and execute DoS.exe. It is expected that the system will crash (BSOD) once DoS.exe is executed. Password for attachment: DoS
https://drive.google.com/file/d/1gp5PD6MTigr4hQQinfFbN9xX9nZmL3OC/view?usp=sharing |
|---|
| Fonte | ⚠️ https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/unassigned21 |
|---|
| Utente | Zeze7w (UID 40823) |
|---|
| Sottomissione | 17/03/2023 14:57 (3 anni fa) |
|---|
| Moderazione | 18/03/2023 21:19 (1 day later) |
|---|
| Stato | Duplicato |
|---|
| Voce VulDB | 112432 [Max Secure Anti Virus 19.0.3.019 Driver MaxCryptMon.sys escalationi di privilegi] |
|---|
| Punti | 0 |
|---|