CVE-2023-1491

Published: Mar 18, 2023Modified: Nov 21, 2024

5.5

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Exploitability: 1.8 / Impact: 3.6

Source: NVD

Description

A vulnerability was found in Max Secure Anti Virus Plus 19.0.2.1. It has been classified as critical. This affects the function 0x220020 in the library MaxCryptMon.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier VDB-223377 was assigned to this vulnerability.

Affected (1)

Products: Maxpcsecure: Anti Virus Plus

1 product

Anti Virus Plus

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Maxpcsecure Anti Virus Plus	Version 19.0.2.1

Related CWEs

Improper Access Control

The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.

References (8)

https://drive.google.com/file/d/1-h-6ijBvucNU-dYglWW5n4l2ys-MDAF9/view

Source: cna@vuldb.com

Exploit

https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1491

Source: cna@vuldb.com

ExploitThird Party Advisory

https://vuldb.com/?ctiid.223377

Source: cna@vuldb.com

Permissions RequiredThird Party Advisory

https://vuldb.com/?id.223377

Source: cna@vuldb.com

Third Party Advisory

https://drive.google.com/file/d/1-h-6ijBvucNU-dYglWW5n4l2ys-MDAF9/view

Source: af854a3a-2127-422b-91ae-364da2661108

Exploit

https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1491

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

https://vuldb.com/?ctiid.223377

Source: af854a3a-2127-422b-91ae-364da2661108

Permissions RequiredThird Party Advisory

https://vuldb.com/?id.223377

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.