CVE-2025-0289 (GCVE-0-2025-0289)
Vulnerability from cvelistv5 – Published: 2025-03-03 16:24 – Updated: 2025-09-09 14:03
VLAI?
Summary
Various Paragon Software products contain an insecure kernel resource access vulnerability facilitated by the driver not validating the MappedSystemVa pointer before passing it to HalReturnToFirmware, which can allows an attacker the ability to compromise the service.
Severity ?
7.8 (High)
CWE
- CWE-1287 - Improper Validation of Specified Type of Input
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Paragon Software | Migrate OS to SSD |
Affected:
4 , ≤ 5
(custom)
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
},
{
"other": {
"content": {
"id": "CVE-2025-0289",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-04T15:21:49.572240Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-09T14:03:26.472Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"product": "Migrate OS to SSD",
"vendor": "Paragon Software",
"versions": [
{
"lessThanOrEqual": "5",
"status": "affected",
"version": "4",
"versionType": "custom"
}
]
},
{
"product": "Disk Wiper",
"vendor": "Paragon Software",
"versions": [
{
"lessThanOrEqual": "16",
"status": "affected",
"version": "15",
"versionType": "custom"
}
]
},
{
"product": "Drive Copy",
"vendor": "Paragon Software",
"versions": [
{
"lessThanOrEqual": "16",
"status": "affected",
"version": "15",
"versionType": "custom"
}
]
},
{
"product": "Hard Disk Manager",
"vendor": "Paragon Software",
"versions": [
{
"lessThanOrEqual": "17.39",
"status": "affected",
"version": "15",
"versionType": "custom"
}
]
},
{
"product": "Backup and Recovery",
"vendor": "Paragon Software",
"versions": [
{
"lessThanOrEqual": "17.39",
"status": "affected",
"version": "15",
"versionType": "custom"
}
]
},
{
"product": "Partition Manager",
"vendor": "Paragon Software",
"versions": [
{
"lessThanOrEqual": "17.39",
"status": "affected",
"version": "15",
"versionType": "custom"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Various Paragon Software products contain an insecure kernel resource access vulnerability facilitated by the driver not validating the MappedSystemVa pointer before passing it to HalReturnToFirmware, which can allows an attacker the ability to compromise the service."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-1287: Improper Validation of Specified Type of Input",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-05T12:08:26.359Z",
"orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"shortName": "certcc"
},
"references": [
{
"url": "https://paragon-software.zendesk.com/hc/en-us/articles/32993902732817-IMPORTANT-Paragon-Driver-Security-Patch-for-All-Products-of-Hard-Disk-Manager-Product-Line-Biontdrv-sys"
},
{
"url": "https://www.kb.cert.org/vuls/id/726882"
},
{
"url": "https://www.paragon-software.com/support/#patches"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "CVE-2025-0289",
"x_generator": {
"engine": "VINCE 3.0.24",
"env": "prod",
"origin": "https://cveawg.mitre.org/api/cve/CVE-2025-0289"
}
}
},
"cveMetadata": {
"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
"assignerShortName": "certcc",
"cveId": "CVE-2025-0289",
"datePublished": "2025-03-03T16:24:38.134Z",
"dateReserved": "2025-01-06T19:15:26.403Z",
"dateUpdated": "2025-09-09T14:03:26.472Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-0289\",\"sourceIdentifier\":\"cret@cert.org\",\"published\":\"2025-03-03T17:15:13.943\",\"lastModified\":\"2025-06-25T16:49:25.730\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Various Paragon Software products contain an insecure kernel resource access vulnerability facilitated by the driver not validating the MappedSystemVa pointer before passing it to HalReturnToFirmware, which can allows an attacker the ability to compromise the service.\"},{\"lang\":\"es\",\"value\":\"La versi\u00f3n 17 de Paragon Partition Manager, tanto la versi\u00f3n comunitaria como la empresarial, contienen una vulnerabilidad de acceso inseguro a los recursos del kernel facilitada por el controlador que no valida el puntero MappedSystemVa antes de pasarlo a HalReturnToFirmware, lo que puede permitir a un atacante comprometer el servicio.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:paragon-software:paragon_backup_\\\\\u0026_recovery:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15\",\"versionEndIncluding\":\"17.39\",\"matchCriteriaId\":\"79494FF3-97A2-4DFA-AFE8-3A4E1C4F2C67\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:paragon-software:paragon_disk_wiper:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15\",\"versionEndIncluding\":\"16\",\"matchCriteriaId\":\"2B71A5C9-A1A5-4965-B430-6401C5D87704\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:paragon-software:paragon_drive_copy:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15\",\"versionEndIncluding\":\"16\",\"matchCriteriaId\":\"7AEEBDE5-02CD-469E-84BC-4EADCB3BEFC9\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:paragon-software:paragon_hard_disk_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15\",\"versionEndIncluding\":\"17.39\",\"matchCriteriaId\":\"F70FA517-5000-41D9-BAF4-4853C0C2E2F2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:paragon-software:paragon_migrate_os_to_ssd:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"4\",\"versionEndIncluding\":\"5\",\"matchCriteriaId\":\"54699509-C197-4AE6-B1DC-D53365128BD6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:paragon-software:paragon_partition_manager:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"15\",\"versionEndIncluding\":\"17.39\",\"matchCriteriaId\":\"BDBED8CE-A90D-48DC-89F6-CA5EF10DD12C\"}]}]}],\"references\":[{\"url\":\"https://paragon-software.zendesk.com/hc/en-us/articles/32993902732817-IMPORTANT-Paragon-Driver-Security-Patch-for-All-Products-of-Hard-Disk-Manager-Product-Line-Biontdrv-sys\",\"source\":\"cret@cert.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"https://www.kb.cert.org/vuls/id/726882\",\"source\":\"cret@cert.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.paragon-software.com/support/#patches\",\"source\":\"cret@cert.org\",\"tags\":[\"Product\"]}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 7.8, \"attackVector\": \"LOCAL\", \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-0289\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-03-04T15:21:49.572240Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-03-04T15:22:18.527Z\"}}], \"cna\": {\"title\": \"CVE-2025-0289\", \"source\": {\"discovery\": \"UNKNOWN\"}, \"affected\": [{\"vendor\": \"Paragon Software\", \"product\": \"Migrate OS to SSD\", \"versions\": [{\"status\": \"affected\", \"version\": \"4\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"5\"}]}, {\"vendor\": \"Paragon Software\", \"product\": \"Disk Wiper\", \"versions\": [{\"status\": \"affected\", \"version\": \"15\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"16\"}]}, {\"vendor\": \"Paragon Software\", \"product\": \"Drive Copy\", \"versions\": [{\"status\": \"affected\", \"version\": \"15\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"16\"}]}, {\"vendor\": \"Paragon Software\", \"product\": \"Hard Disk Manager\", \"versions\": [{\"status\": \"affected\", \"version\": \"15\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"17.39\"}]}, {\"vendor\": \"Paragon Software\", \"product\": \"Backup and Recovery\", \"versions\": [{\"status\": \"affected\", \"version\": \"15\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"17.39\"}]}, {\"vendor\": \"Paragon Software\", \"product\": \"Partition Manager\", \"versions\": [{\"status\": \"affected\", \"version\": \"15\", \"versionType\": \"custom\", \"lessThanOrEqual\": \"17.39\"}]}], \"references\": [{\"url\": \"https://paragon-software.zendesk.com/hc/en-us/articles/32993902732817-IMPORTANT-Paragon-Driver-Security-Patch-for-All-Products-of-Hard-Disk-Manager-Product-Line-Biontdrv-sys\"}, {\"url\": \"https://www.kb.cert.org/vuls/id/726882\"}, {\"url\": \"https://www.paragon-software.com/support/#patches\"}], \"x_generator\": {\"env\": \"prod\", \"engine\": \"VINCE 3.0.24\", \"origin\": \"https://cveawg.mitre.org/api/cve/CVE-2025-0289\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"Various Paragon Software products contain an insecure kernel resource access vulnerability facilitated by the driver not validating the MappedSystemVa pointer before passing it to HalReturnToFirmware, which can allows an attacker the ability to compromise the service.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"CWE-1287: Improper Validation of Specified Type of Input\"}]}], \"providerMetadata\": {\"orgId\": \"37e5125f-f79b-445b-8fad-9564f167944b\", \"shortName\": \"certcc\", \"dateUpdated\": \"2025-09-05T12:08:26.359Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2025-0289\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-09-09T14:03:26.472Z\", \"dateReserved\": \"2025-01-06T19:15:26.403Z\", \"assignerOrgId\": \"37e5125f-f79b-445b-8fad-9564f167944b\", \"datePublished\": \"2025-03-03T16:24:38.134Z\", \"assignerShortName\": \"certcc\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…