CVE-2025-0286
Published: 03 March 2025
Description
Adversaries may exploit software vulnerabilities in an attempt to elevate privileges.
Security Summary
CVE-2025-0286 is an arbitrary kernel memory write vulnerability in the biontdrv.sys driver, affecting various Paragon Software products, particularly those in the Hard Disk Manager product line. The flaw stems from a failure to properly validate the length of user-supplied data, enabling attackers to overwrite kernel memory and execute arbitrary code with kernel-level privileges. It carries a CVSS v3.1 base score of 8.4 (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) and is associated with CWE-1284 (Improper Validation of Specified Quantity in Input). The vulnerability was published on March 3, 2025.
A local attacker with access to the victim system can exploit this vulnerability without requiring privileges or user interaction. By supplying malformed data to the driver, the attacker can achieve arbitrary code execution in kernel mode, potentially leading to full system compromise, including high-impact confidentiality, integrity, and availability violations.
Paragon Software has released a security patch that addresses the biontdrv.sys driver vulnerability across all Hard Disk Manager products, as detailed in its support article. Additional guidance is available from the CERT Coordination Center vulnerability note and Paragon's patches support page, which recommend applying the update immediately to mitigate the issue.
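The length-validation failure described above (CWE-1284) is easiest to see from the checks a handler needs before it copies caller-supplied data. The following is an added, user-mode C illustration and is not Paragon's code. The request layout (`write_hdr`), `REGION_SIZE`, the status codes and `handle_write` are all hypothetical names constructed for this example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define REGION_SIZE 256u   /* capacity of the destination buffer */

/* Hypothetical request header, constructed for this example. */
struct write_hdr { uint32_t offset; uint32_t length; };

enum { REQ_OK = 0, REQ_TOO_SHORT = -1, REQ_BAD_LENGTH = -2, REQ_OUT_OF_RANGE = -3 };

/* in_size is the true byte count of the input buffer as reported by the
 * I/O layer; it is never taken from the request itself. */
int handle_write(uint8_t *region, const void *in, size_t in_size)
{
    struct write_hdr hdr;

    /* 1. The header must fit in the bytes actually supplied. */
    if (in == NULL || in_size < sizeof hdr)
        return REQ_TOO_SHORT;
    /* Snapshot the header so the values checked are the values used. */
    memcpy(&hdr, in, sizeof hdr);

    /* 2. Claimed length may not exceed the payload bytes supplied.
     *    Subtracting from in_size cannot wrap after check 1. */
    if (hdr.length > in_size - sizeof hdr)
        return REQ_BAD_LENGTH;

    /* 3. offset + length must stay inside the destination; two comparisons
     *    instead of a sum, so a huge offset cannot wrap past the bound. */
    if (hdr.offset > REGION_SIZE || hdr.length > REGION_SIZE - hdr.offset)
        return REQ_OUT_OF_RANGE;

    memcpy(region + hdr.offset, (const uint8_t *)in + sizeof hdr, hdr.length);
    return REQ_OK;
}

int main(void)
{
    uint8_t region[REGION_SIZE] = {0}, buf[16] = {0};
    struct write_hdr bad = { 0, 4096 };   /* constructed: claims 4096 bytes */

    memcpy(buf, &bad, sizeof bad);
    printf("oversized claim -> %d\n", handle_write(region, buf, sizeof buf));
    return 0;
}
```

Dropping check 2 or check 3 is what turns a copy like this into an out-of-bounds write. In a real driver the same comparisons would be made against the buffer lengths the I/O manager reports for the request.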
Details
- CWE(s): CWE-1284 (Improper Validation of Specified Quantity in Input)
Affected Products
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The vulnerability is a local arbitrary kernel memory write in a driver that enables kernel-level arbitrary code execution without privileges, directly mapping to exploitation for privilege escalation to achieve full system compromise.