79 matches found
CVE-2023-38356
MiniTool Power Data Recovery 11.6 contains an insecure installation process that allows attackers to achieve remote code execution through a man in the middle attack...
MiniTool Partition Wizard Trust Management Issue Vulnerability
MiniTool Partition Wizard is a partition manager for home and home office users from MiniTool Canada. A security vulnerability exists in MiniTool Partition Wizard version 12.8, which originates from a vulnerability that allows an attacker to achieve remote code execution via a man-in-the-middle...
CVE-2023-38352
CVE-2023-38352 affects MiniTool Partition Wizard 12.8. The issue is an insecure update mechanism that allows remote code execution via a man-in-the-middle attack. Root cause is lack of proper update integrity/authentication during updates, enabling an attacker on the network to tamper update deli...
CVE-2023-38353
MiniTool Power Data Recovery version 11.6 and before contains an insecure in-app payment system that allows attackers to steal highly sensitive information through a man in the middle attack...
CVE-2023-38351
MiniTool Partition Wizard 12.8 contains an insecure installation mechanism that allows attackers to achieve remote code execution through a man in the middle attack...
CVE-2023-38353
MiniTool Power Data Recovery version 11.6 and before contains an insecure in-app payment system that allows attackers to steal highly sensitive information through a man in the middle attack...
CVE-2023-38356
CVE-2023-38356 affects MiniTool Power Data Recovery 11.6. The vulnerability arises from an insecure installation process that enables a man-in-the-middle attack to achieve remote code execution. Documents from multiple sources confirm the issue and its impact (RCE via MITM) and consistently cite ...
CVE-2023-38352
MiniTool Partition Wizard 12.8 contains an insecure update mechanism that allows attackers to achieve remote code execution through a man in the middle attack...
CVE-2023-38356
MiniTool Power Data Recovery 11.6 contains an insecure installation process that allows attackers to achieve remote code execution through a man in the middle attack...
CVE-2023-38351
CVE-2023-38351 affects MiniTool Partition Wizard 12.8. The vulnerability stems from an insecure installation mechanism that enables remote code execution via a man-in-the-middle attack. Documented impact indicates high-severity with network attack vector, no user interaction required, and affects...
CVE-2023-38351
MiniTool Partition Wizard 12.8 contains an insecure installation mechanism that allows attackers to achieve remote code execution through a man in the middle attack...
CVE-2023-38353
Affected software: MiniTool Power Data Recovery, version 11.6 and earlier. Vulnerability: insecure in-app payment system that enables a man-in-the-middle attack to exfiltrate highly sensitive information. Impact: information disclosure due to compromised payment flow; no other impacts stated. Roo...
CVE-2023-38354
MiniTool Shadow Maker version 4.1 contains an insecure installation process that allows attackers to achieve remote code execution through a man in the middle attack...
PT-2023-26378 · Minitool · Minitool Partition Wizard
Name of the Vulnerable Software and Affected Versions: MiniTool Partition Wizard version 12.8 Description: The issue is related to an insecure installation mechanism in MiniTool Partition Wizard, which allows attackers to achieve remote code execution through a man-in-the-middle attack...
CVE-2023-38355
The CVE-2023-38355 entry concerns MiniTool Movie Maker 7.0, where an insecure installation process enables remote code execution via a man‑in‑the‑middle (MITM) attack. Affected versions span 6.1.0 to 7.0, with mitigations suggesting upgrades to versions later than 7.0 for 7.0 and later than 7.0 f...
CVE-2023-38352
MiniTool Partition Wizard 12.8 contains an insecure update mechanism that allows attackers to achieve remote code execution through a man in the middle attack...
CVE-2023-38354
CVE-2023-38354 affects MiniTool Shadow Maker version 4.1. The vulnerability arises from an insecure installation process that can enable a remote code execution via a man-in-the-middle attack. The available sources (NVD/Red Hat/CVE catalogs) describe the issue and its exploitability in terms of a...
CVE-2023-38354
MiniTool Shadow Maker version 4.1 contains an insecure installation process that allows attackers to achieve remote code execution through a man in the middle attack...
PT-2023-26379 · Minitool · Minitool Partition Wizard
Name of the Vulnerable Software and Affected Versions: MiniTool Partition Wizard version 12.8 Description: The issue is related to an insecure update mechanism in MiniTool Partition Wizard, which can be exploited by attackers to achieve remote code execution through a man-in-the-middle attack...
PT-2023-26380 · Minitool · Minitool Power Data Recovery
Name of the Vulnerable Software and Affected Versions: MiniTool Power Data Recovery versions 11.6 and before MiniTool Power Data Recovery version 11.5 Description: The issue concerns an insecure in-app payment system in MiniTool Power Data Recovery, which can be exploited through a...