PT-2023-26379 · Minitool · Minitool Partition Wizard
0Dr3F
·
Published
2023-09-10
·
Updated
2023-09-22
·
CVE-2023-38352
CVSS v3.1
8.1
High
| Vector | AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
MiniTool Partition Wizard version 12.8
Description
The issue is related to an insecure update mechanism in MiniTool Partition Wizard, which can be exploited by attackers to achieve remote code execution through a man-in-the-middle attack.
Recommendations
For MiniTool Partition Wizard version 12.8, update to a newer version that contains a fix for this issue.
Fix
Improper Certificate Validation
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Minitool Partition Wizard