Minitool · Minitool Shadowmaker · CVE-2020-36953
**Name of the Vulnerable Software and Affected Versions**
MiniTool ShadowMaker version 3.2
**Description**
The MTAgentService contains an unquoted service path in 'C:Program FilesMiniTool ShadowMakerAgentService.exe'. This allows local attackers to inject malicious executables and escalate privileges, potentially leading to arbitrary code execution.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.