CVE-2025-0289

Description

Paragon Partition Manager version 17, in both the Community and Business versions, contains an insecure kernel resource access vulnerability: the driver does not validate the MappedSystemVa pointer before passing it to HalReturnToFirmware, which can allow an attacker to compromise the service.

Classification

CVE ID: CVE-2025-0289

Problem Types

CWE-20 Improper Input Validation

CWE-119 Improper Restriction of Operations within the Bounds of a Memory Buffer

Affected Products

Vendor: Paragon Software

Product: Paragon Partition Manager

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.05% (probability of being exploited)

EPSS Percentile: 12.05% (proportion of other vulnerabilities scored less than or equal to this one)

EPSS Date: 2025-04-01 (when this score was calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-0289
https://paragon-software.zendesk.com/hc/en-us/articles/32993902732817-IMPORTANT-Paragon-Driver-Security-Patch-for-All-Products-of-Hard-Disk-Manager-Product-Line-Biontdrv-sys
https://www.kb.cert.org/vuls/id/726882

Timeline