{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-02T11:57:02.602","vulnerabilities":[{"cve":{"id":"CVE-2025-0289","sourceIdentifier":"cret@cert.org","published":"2025-03-03T17:15:13.943","lastModified":"2025-06-25T16:49:25.730","vulnStatus":"Analyzed","cveTags":[],"descriptions":[{"lang":"en","value":"Various Paragon Software products contain an insecure kernel resource access vulnerability facilitated by the driver not validating the MappedSystemVa pointer before passing it to HalReturnToFirmware, which can allows an attacker the ability to compromise the service."},{"lang":"es","value":"La versión 17 de Paragon Partition Manager, tanto la versión comunitaria como la empresarial, contienen una vulnerabilidad de acceso inseguro a los recursos del kernel facilitada por el controlador que no valida el puntero MappedSystemVa antes de pasarlo a HalReturnToFirmware, lo que puede permitir a un atacante comprometer el servicio."}],"metrics":{"cvssMetricV31":[{"source":"134c704f-9b21-4f2e-91b3-4a467353bcc0","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":7.8,"baseSeverity":"HIGH","attackVector":"LOCAL","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:paragon-software:paragon_backup_\\&_recovery:*:*:*:*:*:*:*:*","versionStartIncluding":"15","versionEndIncluding":"17.39","matchCriteriaId":"79494FF3-97A2-4DFA-AFE8-3A4E1C4F2C67"},{"vulnerable":true,"criteria":"cpe:2.3:a:paragon-software:paragon_disk_wiper:*:*:*:*:*:*:*:*","versionStartIncluding":"15","versionEndIncluding":"16","matchCriteriaId":"2B71A5C9-A1A5-4965-B430-6401C5D87704"},{"vulnerable":true,"criteria":"cpe:2.3:a:paragon-software:paragon_drive_copy:*:*:*:*:*:*:*:*","versionStartIncluding":"15","versionEndIncluding":"16","matchCriteriaId":"7AEEBDE5-02CD-469E-84BC-4EADCB3BEFC9"},{"vulnerable":true,"criteria":"cpe:2.3:a:paragon-software:paragon_hard_disk_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15","versionEndIncluding":"17.39","matchCriteriaId":"F70FA517-5000-41D9-BAF4-4853C0C2E2F2"},{"vulnerable":true,"criteria":"cpe:2.3:a:paragon-software:paragon_migrate_os_to_ssd:*:*:*:*:*:*:*:*","versionStartIncluding":"4","versionEndIncluding":"5","matchCriteriaId":"54699509-C197-4AE6-B1DC-D53365128BD6"},{"vulnerable":true,"criteria":"cpe:2.3:a:paragon-software:paragon_partition_manager:*:*:*:*:*:*:*:*","versionStartIncluding":"15","versionEndIncluding":"17.39","matchCriteriaId":"BDBED8CE-A90D-48DC-89F6-CA5EF10DD12C"}]}]}],"references":[{"url":"https://paragon-software.zendesk.com/hc/en-us/articles/32993902732817-IMPORTANT-Paragon-Driver-Security-Patch-for-All-Products-of-Hard-Disk-Manager-Product-Line-Biontdrv-sys","source":"cret@cert.org","tags":["Vendor Advisory"]},{"url":"https://www.kb.cert.org/vuls/id/726882","source":"cret@cert.org","tags":["Third Party Advisory"]},{"url":"https://www.paragon-software.com/support/#patches","source":"cret@cert.org","tags":["Product"]}]}}]}