CVE-2025-0286

High CVSS: 8.4

Various Paragon Software products contain an arbitrary kernel memory write vulnerability within biontdrv.sys that is caused by a failure to properly validate the length of user supplied data, which can allow an attacker to execute arbitrary code on the victim machine.

Vendor

Paragon-software

Product

Paragon Backup \& Recovery

CWE

CWE-1284

Yayın Tarihi

2025-03-03 17:15:13

Güncelleme

2025-06-25 16:49:16

Source Identifier

cret@cert.org

KEV Date Added

Kategoriler

CWE-1284 Paragon Backup \& Recovery HIGH Paragon-software 2025

Referanslar

https://paragon-software.zendesk.com/hc/en-us/articles/32993902732817-IMPORTANT-Paragon-Driver-Security-Patch-for-All-Products-of-Hard-Disk-Manager-Product-Line-Biontdrv-sys https://www.kb.cert.org/vuls/id/726882 https://www.paragon-software.com/support/#patches

Benzer Kayıtlar

High

CVE-2025-0285

Various Paragon Software products contain an arbitrary kernel memory mapping vulnerability within biontdrv.sys that is c…

Medium

CVE-2025-0287

Various Paragon Software products contain a null pointer dereference vulnerability within biontdrv.sys that is caused by…

High

CVE-2025-0288

Various Paragon Software products contain an arbitrary kernel memory vulnerability within biontdrv.sys, facilitated by t…

High

CVE-2025-0289

Various Paragon Software products contain an insecure kernel resource access vulnerability facilitated by the driver not…