5.5
CVE-2023-1490
- EPSS 0.04%
- Veröffentlicht 18.03.2023 22:15:11
- Zuletzt bearbeitet 21.11.2024 07:39:17
- Quelle cna@vuldb.com
- CVE-Watchlists
- Unerledigt
LoginA vulnerability was found in Max Secure Anti Virus Plus 19.0.2.1 and classified as critical. Affected by this issue is the function 0x220020 in the library SDActMon.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-223376.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Maxpcsecure ≫ Anti Virus Plus Version19.0.2.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.04% | 0.097 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
|
| cna@vuldb.com | 4.4 | 1.8 | 2.5 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
|
| cna@vuldb.com | 3.2 | 3.1 | 4.9 |
AV:L/AC:L/Au:S/C:N/I:P/A:P
|
CWE-284 Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.