PT-2022-19537 · Minitool · Minitool Partition Wizard

Published

2022-05-20

Updated

2022-05-26

CVE-2022-29320

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions MiniTool Partition Wizard version 12.0

Description The issue allows attackers to escalate privileges to the system level due to an unquoted service path in MiniTool Partition Wizard.

Recommendations For MiniTool Partition Wizard version 12.0, consider updating to a newer version that fixes the unquoted service path issue to prevent privilege escalation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-428

Related Identifiers

CVE-2022-29320

Affected Products

Minitool Partition Wizard

PT-2022-19537 · Minitool · Minitool Partition Wizard

CVE-2022-29320

Weakness Enumeration

Related Identifiers

Affected Products

References · 4