7.8
CVE-2025-0289
- EPSS 0.31%
- Veröffentlicht 03.03.2025 17:15:13
- Zuletzt bearbeitet 25.06.2025 16:49:25
- Quelle cret@cert.org
- CVE-Watchlists
- Unerledigt
LoginCVE-2025-0289
Various Paragon Software products contain an insecure kernel resource access vulnerability facilitated by the driver not validating the MappedSystemVa pointer before passing it to HalReturnToFirmware, which can allows an attacker the ability to compromise the service.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Paragon-software ≫ Paragon Disk Wiper Version >= 15 <= 16
Paragon-software ≫ Paragon Drive Copy Version >= 15 <= 16
Paragon-software ≫ Paragon Hard Disk Manager Version >= 15 <= 17.39
Paragon-software ≫ Paragon Migrate Os To Ssd Version >= 4 <= 5
Paragon-software ≫ Paragon Partition Manager Version >= 15 <= 17.39
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.31% | 0.225 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
https://paragon-software.zendesk.com/hc/en-us/articles/32993902732817-IMPORTANT-Paragon-Driver-Security-Patch-for-All-Products-of-Hard-Disk-Manager-Product-Line-Biontdrv-sys
https://www.kb.cert.org/vuls/id/726882
https://www.paragon-software.com/support/#patches