CVE-2025-0289 | Vulnerability Database

NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-0289
CWE	https://cwe.mitre.org/data/definitions/.html

NVD

https://nvd.nist.gov/vuln/detail/CVE-2025-0289

CWE

https://cwe.mitre.org/data/definitions/.html

Paragon Partition Manager version 17.9.1, both community and Business versions, contain an insecure kernel resource access vulnerability facilitated by the driver not validating the MappedSystemVa pointer before passing it to HalReturnToFirmware, which can allows an attacker the ability to compromise the service.

References

https://paragon-software.zendesk.com/hc/en-us/articles/32993902732817-IMPORTANT-Paragon-Driver-Security-Patch-for-All-Products-of-Hard-Disk-Manager-Product-Line-Biontdrv-sys
https://www.kb.cert.org/vuls/id/726882
https://www.paragon-software.com/support/#patches