CVE-2025-0288 | Vulnerability Database

NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-0288
CWE	https://cwe.mitre.org/data/definitions/.html

NVD

https://nvd.nist.gov/vuln/detail/CVE-2025-0288

CWE

https://cwe.mitre.org/data/definitions/.html

Various Paragon Software products contain an arbitrary kernel memory vulnerability within biontdrv.sys, facilitated by the memmove function, which does not validate or sanitize user controlled input, allowing an attacker the ability to write arbitrary kernel memory and perform privilege escalation.

References

https://paragon-software.zendesk.com/hc/en-us/articles/32993902732817-IMPORTANT-Paragon-Driver-Security-Patch-for-All-Products-of-Hard-Disk-Manager-Product-Line-Biontdrv-sys
https://www.kb.cert.org/vuls/id/726882
https://www.paragon-software.com/support/#patches