MiniTool
Products
4- 3 CVEs
- 2 CVEs
- 2 CVEs
- 1 CVE
Recent CVEs
8| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-36953 | Hig | 0.51 | 7.8 | 0.00 | Jan 26, 2026 | MiniTool ShadowMaker 3.2 contains an unquoted service path vulnerability in the MTAgentService that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\MiniTool ShadowMaker\AgentService.exe' to inject… | ||
| CVE-2023-38351 | 0.00 | — | 0.01 | Sep 19, 2023 | MiniTool Partition Wizard 12.8 contains an insecure installation mechanism that allows attackers to achieve remote code execution through a man in the middle attack. | |||
| CVE-2023-38354 | 0.00 | — | 0.01 | Sep 19, 2023 | MiniTool Shadow Maker version 4.1 contains an insecure installation process that allows attackers to achieve remote code execution through a man in the middle attack. | |||
| CVE-2023-38352 | 0.00 | — | 0.01 | Sep 19, 2023 | MiniTool Partition Wizard 12.8 contains an insecure update mechanism that allows attackers to achieve remote code execution through a man in the middle attack. | |||
| CVE-2023-38356 | 0.00 | — | 0.01 | Sep 19, 2023 | MiniTool Power Data Recovery 11.6 contains an insecure installation process that allows attackers to achieve remote code execution through a man in the middle attack. | |||
| CVE-2023-38355 | 0.00 | — | 0.01 | Sep 19, 2023 | MiniTool Movie Maker 7.0 contains an insecure installation process that allows attackers to achieve remote code execution through a man in the middle attack. | |||
| CVE-2023-38353 | 0.00 | — | 0.00 | Sep 19, 2023 | MiniTool Power Data Recovery version 11.6 and before contains an insecure in-app payment system that allows attackers to steal highly sensitive information through a man in the middle attack. | |||
| CVE-2022-29320 | 0.00 | — | 0.00 | May 20, 2022 | MiniTool Partition Wizard v12.0 contains an unquoted service path which allows attackers to escalate privileges to the system level. |
- risk 0.51cvss 7.8epss 0.00
MiniTool ShadowMaker 3.2 contains an unquoted service path vulnerability in the MTAgentService that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\MiniTool ShadowMaker\AgentService.exe' to inject…
- CVE-2023-38351Sep 19, 2023risk 0.00cvss —epss 0.01
MiniTool Partition Wizard 12.8 contains an insecure installation mechanism that allows attackers to achieve remote code execution through a man in the middle attack.
- CVE-2023-38354Sep 19, 2023risk 0.00cvss —epss 0.01
MiniTool Shadow Maker version 4.1 contains an insecure installation process that allows attackers to achieve remote code execution through a man in the middle attack.
- CVE-2023-38352Sep 19, 2023risk 0.00cvss —epss 0.01
MiniTool Partition Wizard 12.8 contains an insecure update mechanism that allows attackers to achieve remote code execution through a man in the middle attack.
- CVE-2023-38356Sep 19, 2023risk 0.00cvss —epss 0.01
MiniTool Power Data Recovery 11.6 contains an insecure installation process that allows attackers to achieve remote code execution through a man in the middle attack.
- CVE-2023-38355Sep 19, 2023risk 0.00cvss —epss 0.01
MiniTool Movie Maker 7.0 contains an insecure installation process that allows attackers to achieve remote code execution through a man in the middle attack.
- CVE-2023-38353Sep 19, 2023risk 0.00cvss —epss 0.00
MiniTool Power Data Recovery version 11.6 and before contains an insecure in-app payment system that allows attackers to steal highly sensitive information through a man in the middle attack.
- CVE-2022-29320May 20, 2022risk 0.00cvss —epss 0.00
MiniTool Partition Wizard v12.0 contains an unquoted service path which allows attackers to escalate privileges to the system level.