Search Results (9 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-15475 1 Minitool 1 Partition Wizard 2026-07-12 5.3 Medium
A weakness has been identified in MiniTool Partition Wizard up to 13.6. The affected element is an unknown function in the library pwdrvio.sys of the component Signed Kernel Driver. This manipulation causes improper access controls. The attack can only be executed locally. The exploit has been made available to the public and could be used for attacks. Upgrading to version 13.9 is sufficient to fix this issue. The affected component should be upgraded. The vendor was contacted early about this disclosure.
CVE-2020-36953 1 Minitool 1 Shadowmaker 2026-04-15 7.8 High
MiniTool ShadowMaker 3.2 contains an unquoted service path vulnerability in the MTAgentService that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\MiniTool ShadowMaker\AgentService.exe' to inject malicious executables and escalate privileges.
CVE-2023-38356 1 Minitool 1 Power Data Recovery 2024-11-21 8.1 High
MiniTool Power Data Recovery 11.6 contains an insecure installation process that allows attackers to achieve remote code execution through a man in the middle attack.
CVE-2023-38355 1 Minitool 1 Movie Maker 2024-11-21 8.1 High
MiniTool Movie Maker 7.0 contains an insecure installation process that allows attackers to achieve remote code execution through a man in the middle attack.
CVE-2023-38354 1 Minitool 1 Shadowmaker 2024-11-21 8.1 High
MiniTool Shadow Maker version 4.1 contains an insecure installation process that allows attackers to achieve remote code execution through a man in the middle attack.
CVE-2023-38353 1 Minitool 1 Power Data Recovery 2024-11-21 5.9 Medium
MiniTool Power Data Recovery version 11.6 and before contains an insecure in-app payment system that allows attackers to steal highly sensitive information through a man in the middle attack.
CVE-2023-38352 1 Minitool 1 Partition Wizard 2024-11-21 8.1 High
MiniTool Partition Wizard 12.8 contains an insecure update mechanism that allows attackers to achieve remote code execution through a man in the middle attack.
CVE-2023-38351 1 Minitool 1 Partition Wizard 2024-11-21 8.1 High
MiniTool Partition Wizard 12.8 contains an insecure installation mechanism that allows attackers to achieve remote code execution through a man in the middle attack.
CVE-2022-29320 1 Minitool 1 Partition Wizard 2024-11-21 7.8 High
MiniTool Partition Wizard v12.0 contains an unquoted service path which allows attackers to escalate privileges to the system level.