cve/2025/CVE-2025-0287.md

### [CVE-2025-0287](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0287)
![](https://img.shields.io/static/v1?label=Product&message=Backup%20and%20Recovery&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Disk%20Wiper&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Drive%20Copy&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Hard%20Disk%20Manager&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Migrate%20OS%20to%20SSD&color=blue)
![](https://img.shields.io/static/v1?label=Product&message=Partition%20Manager&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=15%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=4%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-476%20NULL%20Pointer%20Dereference&color=brightgreen)

### Description

Various Paragon Software products contain a null pointer dereference vulnerability within biontdrv.sys that is caused by a lack of a valid MasterLrp structure in the input buffer, allowing an attacker to execute arbitrary code in the kernel, facilitating privilege escalation.

### POC

#### Reference
No PoCs from references.

#### Github
- https://github.com/ARPSyndicate/cve-scores
Update CVE list 2025-09-29 21:09 2025-09-29 21:09:30 +02:00			`### [CVE-2025-0287](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-0287)`
			`![](https://img.shields.io/static/v1?label=Product&message=Backup%20and%20Recovery&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Disk%20Wiper&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Drive%20Copy&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Hard%20Disk%20Manager&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Migrate%20OS%20to%20SSD&color=blue)`
			`![](https://img.shields.io/static/v1?label=Product&message=Partition%20Manager&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=15%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Version&message=4%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-476%20NULL%20Pointer%20Dereference&color=brightgreen)`

			`### Description`

			`Various Paragon Software products contain a null pointer dereference vulnerability within biontdrv.sys that is caused by a lack of a valid MasterLrp structure in the input buffer, allowing an attacker to execute arbitrary code in the kernel, facilitating privilege escalation.`

			`### POC`

			`#### Reference`
			`No PoCs from references.`

			`#### Github`
			`- https://github.com/ARPSyndicate/cve-scores`