Natthawut Saexu

**Name of the Vulnerable Software and Affected Versions** Seagate Toolkit versions prior to 2.35.0.6 **Description** The software attempts to load DLLs from the current working directory without validating their origin or integrity. This can be exploited by placing a malicious DLL in the same directory as the installer executable, potentially leading to arbitrary code execution with the privileges of the user running the installer. The issue is due to insecure DLL loading practices, such as relying on relative paths when invoking system libraries. **Recommendations** Update to version 2.35.0.6 or later.

Name of the Vulnerable Software and Affected Versions: Seagate Toolkit versions prior to 2.34.0.33 Description: The service executable path in Seagate Toolkit allows an attacker with administrator privileges to exploit a vulnerability. An attacker with write permissions to the root directory could place a malicious `Program.exe` file, which would then execute with SYSTEM privileges. This issue is classified under CWE-428: Unquoted Search Path or Element. Recommendations: Update Seagate Toolkit to version 2.34.0.33 or later.