← volver
CVE-2025-0288

CVE-2025-0288

CVSS 7.8 HIGHEPSS 0.5%
Various Paragon Software products contain an arbitrary kernel memory vulnerability within biontdrv.sys, facilitated by the memmove function, which does not validate or sanitize user controlled input, allowing an attacker the ability to write arbitrary kernel memory and perform privilege escalation.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Productos afectados
Paragon Software · Backup and RecoveryParagon Software · Disk WiperParagon Software · Drive CopyParagon Software · Hard Disk ManagerParagon Software · Migrate OS to SSDParagon Software · Partition Manager

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://paragon-software.zendesk.com/hc/en-us/articles/32993902732817-IMPORTANT-Paragon-Driver-Security-Patch-for-All-Products-of-Hard-Disk-Manager-Product-Line-Biontdrv-syshttps://www.kb.cert.org/vuls/id/726882https://www.paragon-software.com/support/#patches