0Dr3F

**Name of the Vulnerable Software and Affected Versions** MiniTool Partition Wizard version 12.8 **Description** The issue is related to an insecure installation mechanism in MiniTool Partition Wizard, which allows attackers to achieve remote code execution through a man-in-the-middle attack. **Recommendations** For MiniTool Partition Wizard version 12.8, consider updating to a newer version that addresses the insecure installation mechanism to prevent remote code execution attacks. As a temporary workaround, restrict internet access during the installation process to minimize the risk of a man-in-the-middle attack.

**Name of the Vulnerable Software and Affected Versions** MiniTool Movie Maker version 4.1 **Description** The issue is related to an insecure installation process in MiniTool Movie Maker, which allows attackers to achieve remote code execution through a man-in-the-middle attack. **Recommendations** For MiniTool Movie Maker version 4.1, consider updating to a newer version that addresses the insecure installation process to prevent remote code execution attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** MiniTool Movie Maker versions 6.1.0 through 7.0 **Description** The issue is related to an insecure installation process in MiniTool Movie Maker, which allows attackers to achieve remote code execution through a man-in-the-middle attack. **Recommendations** For MiniTool Movie Maker version 6.1.0, update to a version later than 7.0 to resolve the issue. For MiniTool Movie Maker version 7.0, update to a version later than 7.0 to resolve the issue. As a temporary workaround, consider restricting network access during the installation process to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** MiniTool Power Data Recovery version 11.6 **Description** The issue is related to an insecure installation process in MiniTool Power Data Recovery, which can be exploited through a man-in-the-middle attack, allowing attackers to achieve remote code execution. **Recommendations** For MiniTool Power Data Recovery version 11.6, update to a newer version that addresses the insecure installation process to prevent remote code execution through man-in-the-middle attacks.

**Name of the Vulnerable Software and Affected Versions** MiniTool Partition Wizard version 12.8 **Description** The issue is related to an insecure update mechanism in MiniTool Partition Wizard, which can be exploited by attackers to achieve remote code execution through a man-in-the-middle attack. **Recommendations** For MiniTool Partition Wizard version 12.8, update to a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** MiniTool Power Data Recovery versions 11.6 and before MiniTool Power Data Recovery version 11.5 **Description** The issue concerns an insecure in-app payment system in MiniTool Power Data Recovery, which can be exploited through a man-in-the-middle attack, allowing attackers to steal highly sensitive information. **Recommendations** For MiniTool Power Data Recovery versions 11.6 and before, update to a version later than 11.6 to resolve the issue. For MiniTool Power Data Recovery version 11.5, update to a version later than 11.5 to resolve the issue. As a temporary workaround, consider disabling the in-app payment system until a patch is available.