7 matches found
CVE-2025-0289
Various Paragon Software products contain an insecure kernel resource access vulnerability facilitated by the driver not validating the MappedSystemVa pointer before passing it to HalReturnToFirmware, which can allows an attacker the ability to compromise the service...
CVE-2025-0289
Various Paragon Software products contain an insecure kernel resource access vulnerability facilitated by the driver not validating the MappedSystemVa pointer before passing it to HalReturnToFirmware, which can allows an attacker the ability to compromise the service...
CVE-2025-0289 CVE-2025-0289
Various Paragon Software products contain an insecure kernel resource access vulnerability facilitated by the driver not validating the MappedSystemVa pointer before passing it to HalReturnToFirmware, which can allows an attacker the ability to compromise the service...
CVE-2025-0289
CVE-2025-0289 affects Paragon Software BioNTdrv.sys in the Hard Disk Manager product line. The driver does not validate the MappedSystemVa pointer before passing it to HalReturnToFirmware, enabling a local attacker to compromise the service and escalate privileges (potential SYSTEM-level access)....
CVE-2025-0289
Various Paragon Software products contain an insecure kernel resource access vulnerability facilitated by the driver not validating the MappedSystemVa pointer before passing it to HalReturnToFirmware, which can allows an attacker the ability to compromise the service. Recent assessments: Assessed...
CVE-2025-0289
creationtimestamp| type| source ---|---|--- 2025-03-02 16:26:33+00:00| seen| https://mstdn.ca/users/rfwaveio/statuses/114093771201977118 2025-03-03 04:34:36+00:00| seen| https://bsky.app/profile/kyosuke-tanaka.bsky.social/post/3ljh4q7nxjc2y 2025-03-03 12:56:00+00:00| seen|...
Paragon Software Hard Disk Manager product line contains five memory vulnerabilities within its BioNTdrv.sys driver that allow for privilege escalation and denial-of-service (DoS) attacks
Overview The Paragon Software Hard Disk Manager HDM product line contains a vulnerable driver titled BioNTdrv.sys. The driver, versions 10.1.X.Y and older, 1.0.0.0, 1.1.0.0, 1.3.0.0, 1.4.0.0, and 1.5.1.0, contain five vulnerabilities. These include arbitrary kernel memory mapping and write...