Max Secure Anti Virus Plus, MaxProctetor64.sys, DoS
Vulnerability Info
Version
- Max Secure Anti Virus Plus 19.0.2.1, MaxProctetor64.sys 2.0.1.1
- https://www.maxpcsecure.com/download.htm
Impact
Denial of Service
Description
From IoControlCode 0x220009, 0x22000d, 0x220011, and 0x220019, a normal user can cause DoS due to the lack of validating SystemBuffer.
Reproduce
In the attached file DoS.zip, there are DoS.exe, DoS.cpp, MaxAVPlusDM.exe, and MaxProctetor64.sys. DoS.exe is the PoC to cause BSOD where MaxAVPlusDM.exe which contains the vulnerable driver MaxProctetor64.sys is installed, and DoS.cpp is the source code of DoS.exe. To reproduce the issue, just install MaxAVPlusDM.exe and execute DoS.exe. It is expected that the system will crash (BSOD) once DoS.exe is executed. Password for attachment: DoS https://drive.google.com/file/d/109wWkX5FbYrKKqQBXBC1_uLyi02Y7sqF/view?usp=sharing