| ID |
CVE-2025-0288
|
| Sažetak |
Various Paragon Software products contain an arbitrary kernel memory vulnerability within biontdrv.sys, facilitated by the memmove function, which does not validate or sanitize user controlled input, allowing an attacker the ability to write arbitrary kernel memory and perform privilege escalation. |
| Reference |
|
| CVSS |
| Base: | 7.8 |
| Impact: | 5.9 |
| Exploitability: | 1.8 |
|
| Pristup |
| Vektor | Složenost | Autentikacija |
| LOCAL |
LOW |
LOW |
|
| Impact |
| Povjerljivost | Cjelovitost | Dostupnost |
| HIGH |
HIGH |
HIGH |
|
| CVSS vektor |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
| Zadnje važnije ažuriranje |
14-04-2025 - 21:15 |
| Objavljeno |
03-03-2025 - 17:15 |
