cvelist/2025/0xxx/CVE-2025-0288.json

{
    "data_version": "4.0",
    "data_type": "CVE",
    "data_format": "MITRE",
    "CVE_data_meta": {
        "ID": "CVE-2025-0288",
        "ASSIGNER": "cert@cert.org",
        "STATE": "PUBLIC"
    },
    "description": {
        "description_data": [
            {
                "lang": "eng",
                "value": "Paragon Partition Manager version 7.9.1 contains an arbitrary kernel memory vulnerability facilitated by the memmove function, which does not validate or sanitize user controlled input, allowing an attacker the ability to write arbitrary kernel memory and perform privilege escalation."
            }
        ]
    },
    "problemtype": {
        "problemtype_data": [
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "CWE-131 Incorrect Calculation of Buffer Size"
                    }
                ]
            },
            {
                "description": [
                    {
                        "lang": "eng",
                        "value": "CWE-20 Improper Input Validation"
                    }
                ]
            }
        ]
    },
    "affects": {
        "vendor": {
            "vendor_data": [
                {
                    "vendor_name": "Paragon Software",
                    "product": {
                        "product_data": [
                            {
                                "product_name": "Paragon Partition Manager",
                                "version": {
                                    "version_data": [
                                        {
                                            "version_affected": "=",
                                            "version_value": "7.9.1"
                                        }
                                    ]
                                }
                            }
                        ]
                    }
                }
            ]
        }
    },
    "references": {
        "reference_data": [
            {
                "url": "https://www.kb.cert.org/vuls/id/726882",
                "refsource": "MISC",
                "name": "https://www.kb.cert.org/vuls/id/726882"
            },
            {
                "url": "https://paragon-software.zendesk.com/hc/en-us/articles/32993902732817-IMPORTANT-Paragon-Driver-Security-Patch-for-All-Products-of-Hard-Disk-Manager-Product-Line-Biontdrv-sys",
                "refsource": "MISC",
                "name": "https://paragon-software.zendesk.com/hc/en-us/articles/32993902732817-IMPORTANT-Paragon-Driver-Security-Patch-for-All-Products-of-Hard-Disk-Manager-Product-Line-Biontdrv-sys"
            },
            {
                "url": "https://www.paragon-software.com/support/#patches",
                "refsource": "MISC",
                "name": "https://www.paragon-software.com/support/#patches"
            }
        ]
    },
    "generator": {
        "engine": "VINCE 3.0.13",
        "env": "prod",
        "origin": "https://cveawg.mitre.org/api/cve/CVE-2025-0288"
    },
    "source": {
        "discovery": "UNKNOWN"
    }
}