CVE-2020-36953

MiniTool ShadowMaker 3.2 contains an unquoted service path vulnerability in the MTAgentService that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\MiniTool ShadowMaker\AgentService.exe' to inject malicious executables and...

CVE-2020-36953

CVE-2020-36953 affects MiniTool ShadowMaker 3.2; MTAgentService exposes an unquoted service path at C:\Program Files\MiniTool ShadowMaker\AgentService.exe, enabling local attackers to potentially insert malicious executables and escalate privileges. The vulnerability is described as a local, unqu...

CVE-2023-38356

MiniTool Power Data Recovery 11.6 contains an insecure installation process that allows attackers to achieve remote code execution through a man in the middle attack...

CVE-2023-38355

MiniTool Movie Maker 7.0 contains an insecure installation process that allows attackers to achieve remote code execution through a man in the middle attack...

CVE-2023-38353

MiniTool Power Data Recovery version 11.6 and before contains an insecure in-app payment system that allows attackers to steal highly sensitive information through a man in the middle attack...

CVE-2023-38351

MiniTool Partition Wizard 12.8 contains an insecure installation mechanism that allows attackers to achieve remote code execution through a man in the middle attack...

MiniTool Partition Wizard Trust Management Issue Vulnerability

MiniTool Partition Wizard is a partition manager for home and home office users from MiniTool Canada. A security vulnerability exists in MiniTool Partition Wizard version 12.8, which originates from a vulnerability that allows an attacker to achieve remote code execution via a man-in-the-middle...