← volver
CVE-2025-0289

CVE-2025-0289

CVSS 7.8 HIGHEPSS 0.3%
Various Paragon Software products contain an insecure kernel resource access vulnerability facilitated by the driver not validating the MappedSystemVa pointer before passing it to HalReturnToFirmware, which can allows an attacker the ability to compromise the service.
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Productos afectados
Paragon Software · Backup and RecoveryParagon Software · Disk WiperParagon Software · Drive CopyParagon Software · Hard Disk ManagerParagon Software · Migrate OS to SSDParagon Software · Partition Manager

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://paragon-software.zendesk.com/hc/en-us/articles/32993902732817-IMPORTANT-Paragon-Driver-Security-Patch-for-All-Products-of-Hard-Disk-Manager-Product-Line-Biontdrv-syshttps://www.kb.cert.org/vuls/id/726882https://www.paragon-software.com/support/#patches