CVE-2025-0285

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2025-0285
Various Paragon Software products contain an arbitrary kernel memory mapping vulnerability within biontdrv.sys that is caused by a failure to properly validate the length of user supplied data, which can allow an attacker to perform privilege escalation exploits.
CVSS

No CVSS.

References
Link Resource
https://paragon-software.zendesk.com/hc/en-us/articles/32993902732817-IMPORTANT-Paragon-Driver-Security-Patch-for-All-Products-of-Hard-Disk-Manager-Product-Line-Biontdrv-sys Vendor Advisory
https://www.kb.cert.org/vuls/id/726882 Third Party Advisory
https://www.paragon-software.com/support/#patches Product
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:paragon-software:paragon_backup_\&_recovery:*:*:*:*:*:*:*:*
cpe:2.3:a:paragon-software:paragon_disk_wiper:*:*:*:*:*:*:*:*
cpe:2.3:a:paragon-software:paragon_drive_copy:*:*:*:*:*:*:*:*
cpe:2.3:a:paragon-software:paragon_hard_disk_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:paragon-software:paragon_migrate_os_to_ssd:*:*:*:*:*:*:*:*
cpe:2.3:a:paragon-software:paragon_partition_manager:*:*:*:*:*:*:*:*
History

25 Jun 2025, 16:49

Type Values Removed Values Added
CWE CWE-1284
CPE cpe:2.3:a:paragon-software:paragon_hard_disk_manager:*:*:*:*:*:*:*:*
cpe:2.3:a:paragon-software:paragon_migrate_os_to_ssd:*:*:*:*:*:*:*:*
cpe:2.3:a:paragon-software:paragon_drive_copy:*:*:*:*:*:*:*:*
cpe:2.3:a:paragon-software:paragon_backup_\&_recovery:*:*:*:*:*:*:*:*
cpe:2.3:a:paragon-software:paragon_disk_wiper:*:*:*:*:*:*:*:*
cpe:2.3:a:paragon-software:paragon_partition_manager:*:*:*:*:*:*:*:*
References () https://www.kb.cert.org/vuls/id/726882 - () https://www.kb.cert.org/vuls/id/726882 - Third Party Advisory
References () https://paragon-software.zendesk.com/hc/en-us/articles/32993902732817-IMPORTANT-Paragon-Driver-Security-Patch-for-All-Products-of-Hard-Disk-Manager-Product-Line-Biontdrv-sys - () https://paragon-software.zendesk.com/hc/en-us/articles/32993902732817-IMPORTANT-Paragon-Driver-Security-Patch-for-All-Products-of-Hard-Disk-Manager-Product-Line-Biontdrv-sys - Vendor Advisory
References () https://www.paragon-software.com/support/#patches - () https://www.paragon-software.com/support/#patches - Product
First Time Paragon-software paragon Drive Copy
Paragon-software paragon Migrate Os To Ssd
Paragon-software paragon Disk Wiper
Paragon-software
Paragon-software paragon Partition Manager
Paragon-software paragon Backup \& Recovery
Paragon-software paragon Hard Disk Manager

14 Apr 2025, 21:15

Type Values Removed Values Added
Summary Paragon Partition Manager version 17.9.1 contains an arbitrary kernel memory mapping vulnerability within biontdrv.sys that is caused by a failure to properly validate the length of user supplied data, which can allow an attacker to perform privilege escalation exploits. Various Paragon Software products contain an arbitrary kernel memory mapping vulnerability within biontdrv.sys that is caused by a failure to properly validate the length of user supplied data, which can allow an attacker to perform privilege escalation exploits.

27 Mar 2025, 19:15

Type Values Removed Values Added
Summary Paragon Partition Manager version 7.9.1 contains an arbitrary kernel memory mapping vulnerability within biontdrv.sys that is caused by a failure to properly validate the length of user supplied data, which can allow an attacker to perform privilege escalation exploits. Paragon Partition Manager version 17.9.1 contains an arbitrary kernel memory mapping vulnerability within biontdrv.sys that is caused by a failure to properly validate the length of user supplied data, which can allow an attacker to perform privilege escalation exploits.

05 Mar 2025, 14:15

Type Values Removed Values Added
References
  • () https://www.paragon-software.com/support/#patches -

03 Mar 2025, 17:15

Type Values Removed Values Added
New CVE
Information

Published : 2025-03-03 17:15

Updated : 2025-06-25 16:49

NVD link : CVE-2025-0285

Mitre link : CVE-2025-0285

JSON object : View

Products Affected

paragon-software

  • paragon_disk_wiper
  • paragon_migrate_os_to_ssd
  • paragon_backup_\&_recovery
  • paragon_hard_disk_manager
  • paragon_drive_copy
  • paragon_partition_manager
CWE
CWE-1284

Improper Validation of Specified Quantity in Input