CVE-2025-0289

High CVSS: 7.8

Various Paragon Software products contain an insecure kernel resource access vulnerability facilitated by the driver not validating the MappedSystemVa pointer before passing it to HalReturnToFirmware, which can allows an attacker the ability to compromise the service.

Vendor

Paragon-software

Product

Paragon Backup \& Recovery

CWE

NVD-CWE-noinfo

Yayın Tarihi

2025-03-03 17:15:13

Güncelleme

2025-06-25 16:49:25

Source Identifier

cret@cert.org

KEV Date Added

Kategoriler

NVD-CWE-noinfo Paragon Backup \& Recovery HIGH Paragon-software 2025

Referanslar

https://paragon-software.zendesk.com/hc/en-us/articles/32993902732817-IMPORTANT-Paragon-Driver-Security-Patch-for-All-Products-of-Hard-Disk-Manager-Product-Line-Biontdrv-sys https://www.kb.cert.org/vuls/id/726882 https://www.paragon-software.com/support/#patches

Benzer Kayıtlar

High

CVE-2025-0285

Various Paragon Software products contain an arbitrary kernel memory mapping vulnerability within biontdrv.sys that is c…

High

CVE-2025-0286

Various Paragon Software products contain an arbitrary kernel memory write vulnerability within biontdrv.sys that is cau…

Medium

CVE-2025-0287

Various Paragon Software products contain a null pointer dereference vulnerability within biontdrv.sys that is caused by…

High

CVE-2025-0288

Various Paragon Software products contain an arbitrary kernel memory vulnerability within biontdrv.sys, facilitated by t…