Vulnerability Details : CVE-2025-0288
Various Paragon Software products contain an arbitrary kernel memory vulnerability within biontdrv.sys, facilitated by the memmove function, which does not validate or sanitize user controlled input, allowing an attacker the ability to write arbitrary kernel memory and perform privilege escalation.
Vulnerability category: Gain privilege
Products affected by CVE-2025-0288
Please log in to view affected product information.
Exploit prediction scoring system (EPSS) score for CVE-2025-0288
0.06%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 15 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2025-0288
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
|---|---|---|---|---|---|---|
|
7.8
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
134c704f-9b21-4f2e-91b3-4a467353bcc0 | 2025-03-04 |
References for CVE-2025-0288
-
https://www.paragon-software.com/support/#patches
Paragon Software Group - Technical Support
-
https://www.kb.cert.org/vuls/id/726882
VU#726882 - Paragon Partition Manager contains five memory vulnerabilities within its BioNTdrv.sys driver that allow for privilege escalation and denial-of-service (DoS) attacks
-
https://paragon-software.zendesk.com/hc/en-us/articles/32993902732817-IMPORTANT-Paragon-Driver-Security-Patch-for-All-Products-of-Hard-Disk-Manager-Product-Line-Biontdrv-sys
IMPORTANT! Paragon Driver Security Patch for All Products of Hard Disk Manager Product Line (Biontdrv.sys) – Paragon Support
Jump to