CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-0287

Various Paragon Software products contain a null pointer dereference vulnerability within biontdrv.sys that is caused by a lack of a valid MasterLrp structure in the input buffer, allowing an attacker to execute arbitrary code in the kernel, facilitating privilege escalation.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 10.8%

CVSS Severity

CVSS v3 Score 5.1

References

Products affected by CVE-2025-0287

Paragon-Software » Paragon Backup & Recovery » Version: Any

cpe:2.3:a:paragon-software:paragon_backup_&_recovery:*
Paragon-Software » Paragon Disk Wiper » Version: Any

cpe:2.3:a:paragon-software:paragon_disk_wiper:*
Paragon-Software » Paragon Drive Copy » Version: Any

cpe:2.3:a:paragon-software:paragon_drive_copy:*
Paragon-Software » Paragon Hard Disk Manager » Version: Any

cpe:2.3:a:paragon-software:paragon_hard_disk_manager:*
Paragon-Software » Paragon Migrate Os To Ssd » Version: Any

cpe:2.3:a:paragon-software:paragon_migrate_os_to_ssd:*
Paragon-Software » Paragon Partition Manager » Version: Any

cpe:2.3:a:paragon-software:paragon_partition_manager:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-0287

Products

Pricing

Contact Us