CVE-2025-0289 Information

Description

Paragon Partition Manager version 17 both community and Business versions contain an insecure kernel resource access vulnerability facilitated by the driver not validating the MappedSystemVa pointer before passing it to HalReturnToFirmware which can allows an attacker the ability to compromise the service.

Reference

https://paragon-software.zendesk.com/hc/en-us/articles/32993902732817-IMPORTANT-Paragon-Driver-Security-Patch-for-All-Products-of-Hard-Disk-Manager-Product-Line-Biontdrv-sys https://www.kb.cert.org/vuls/id/726882