5.5
CVE-2023-1490
- EPSS 0.3%
- Veröffentlicht 18.03.2023 22:15:11
- Zuletzt bearbeitet 21.11.2024 07:39:17
- Quelle cna@vuldb.com
- CVE-Watchlists
- Unerledigt
LoginMax Secure Anti Virus Plus IoControlCode SDActMon.sys 0x220020 access control
A vulnerability was found in Max Secure Anti Virus Plus 19.0.2.1 and classified as critical. Affected by this issue is the function 0x220020 in the library SDActMon.sys of the component IoControlCode Handler. The manipulation leads to improper access controls. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-223376.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Maxpcsecure ≫ Anti Virus Plus Version19.0.2.1
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.3% | 0.217 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.5 | 1.8 | 3.6 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
|
| cna@vuldb.com | 4.4 | 1.8 | 2.5 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L
|
| cna@vuldb.com | 3.2 | 3.1 | 4.9 |
AV:L/AC:L/Au:S/C:N/I:P/A:P
|
CWE-284 Improper Access Control
The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
https://drive.google.com/file/d/1PmzG42vFkqpwfgTG0KACzyH8oA7OddWG/view
https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1490
https://vuldb.com/?ctiid.223376
https://vuldb.com/?id.223376