CVE-2025-0285
Published: 03 March 2025
Description
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Security Summary
CVE-2025-0285 is an arbitrary kernel memory mapping vulnerability in the biontdrv.sys driver, affecting various Paragon Software products, including those in the Hard Disk Manager product line. The flaw arises from a failure to properly validate the length of user-supplied data (CWE-1284), enabling potential privilege escalation exploits. It has a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
A local attacker with low privileges can exploit this vulnerability by supplying malformed data to the driver, allowing arbitrary kernel memory mapping. Successful exploitation leads to privilege escalation, providing high impacts on confidentiality, integrity, and availability.
Paragon Software has issued a security patch for biontdrv.sys across all Hard Disk Manager products, as outlined in their advisory. Further details on mitigation are available from CERT/CC (VU#726882) and Paragon's support patches page, recommending immediate application of the update to affected systems.
Details
- CWE(s)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability is a local kernel driver flaw enabling arbitrary kernel memory mapping for privilege escalation from low-privileged user context.