CVE-2025-0288

EUVD-2025-5568
Various Paragon Software products contain an arbitrary kernel memory vulnerability within biontdrv.sys, facilitated by the memmove function, which does not validate or sanitize user controlled input, allowing an attacker the ability to write arbitrary kernel memory and perform privilege escalation.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA-ADPADP
7.8 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 12%
Affected Products (NVD)
VendorProductVersion
paragon-softwareparagon_backup_\&_recovery
15 ≤
𝑥
≤ 17.39
paragon-softwareparagon_disk_wiper
15 ≤
𝑥
≤ 16
paragon-softwareparagon_drive_copy
15 ≤
𝑥
≤ 16
paragon-softwareparagon_hard_disk_manager
15 ≤
𝑥
≤ 17.39
paragon-softwareparagon_migrate_os_to_ssd
4 ≤
𝑥
≤ 5
paragon-softwareparagon_partition_manager
15 ≤
𝑥
≤ 17.39
𝑥
= Vulnerable software versions
References
https://paragon-software.zendesk.com/hc/en-us/articles/32993902732817-IMPORTANT-Paragon-Driver-Security-Patch-for-All-Products-of-Hard-Disk-Manager-Product-Line-Biontdrv-sys
https://www.kb.cert.org/vuls/id/726882
https://www.paragon-software.com/support/#patches